diff --git a/schemas/2014-04-01-preview/deploymentTemplate.json b/schemas/2014-04-01-preview/deploymentTemplate.json
index e7efa8586d..a0c6cb6408 100644
--- a/schemas/2014-04-01-preview/deploymentTemplate.json
+++ b/schemas/2014-04-01-preview/deploymentTemplate.json
@@ -156,6 +156,13 @@
{ "$ref": "https://schema.management.azure.com/schemas/2020-06-14/Microsoft.Kusto.json#/resourceDefinitions/clusters_dataconnections" },
{ "$ref": "https://schema.management.azure.com/schemas/2020-06-14/Microsoft.Kusto.json#/resourceDefinitions/clusters_principalassignments" },
{ "$ref": "https://schema.management.azure.com/schemas/2020-06-14/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases_principalassignments" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases_dataconnections" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_attacheddatabaseconfigurations" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_dataconnections" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_principalassignments" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases_principalassignments" },
{ "$ref": "https://schema.management.azure.com/schemas/2014-04-01/Microsoft.Insights.json#/resourceDefinitions/alertrules" },
{ "$ref": "https://schema.management.azure.com/schemas/2014-04-01/Microsoft.Insights.json#/resourceDefinitions/components" },
{ "$ref": "https://schema.management.azure.com/schemas/2014-04-01/Microsoft.Insights.json#/resourceDefinitions/autoscalesettings" },
@@ -1843,6 +1850,8 @@
{ "$ref": "https://schema.management.azure.com/schemas/2019-10-01/Microsoft.Migrate.json#/resourceDefinitions/assessmentProjects_groups_assessments" },
{ "$ref": "https://schema.management.azure.com/schemas/2019-10-01/Microsoft.Migrate.json#/resourceDefinitions/assessmentProjects_hypervcollectors" },
{ "$ref": "https://schema.management.azure.com/schemas/2019-10-01/Microsoft.Migrate.json#/resourceDefinitions/assessmentProjects_vmwarecollectors" },
+ { "$ref": "https://schema.management.azure.com/schemas/2019-10-01-preview/Microsoft.Migrate.json#/resourceDefinitions/moveCollections" },
+ { "$ref": "https://schema.management.azure.com/schemas/2019-10-01-preview/Microsoft.Migrate.json#/resourceDefinitions/moveCollections_moveResources" },
{ "$ref": "https://schema.management.azure.com/schemas/2019-03-01/Microsoft.Insights.json#/resourceDefinitions/actionGroups" },
{ "$ref": "https://schema.management.azure.com/schemas/2018-06-01-preview/Microsoft.ManagedServices.json#/resourceDefinitions/registrationAssignments" },
{ "$ref": "https://schema.management.azure.com/schemas/2018-06-01-preview/Microsoft.ManagedServices.json#/resourceDefinitions/registrationDefinitions" },
diff --git a/schemas/2015-01-01/deploymentTemplate.json b/schemas/2015-01-01/deploymentTemplate.json
index 89255d5233..75c028eb20 100644
--- a/schemas/2015-01-01/deploymentTemplate.json
+++ b/schemas/2015-01-01/deploymentTemplate.json
@@ -202,6 +202,13 @@
{ "$ref": "https://schema.management.azure.com/schemas/2020-06-14/Microsoft.Kusto.json#/resourceDefinitions/clusters_dataconnections" },
{ "$ref": "https://schema.management.azure.com/schemas/2020-06-14/Microsoft.Kusto.json#/resourceDefinitions/clusters_principalassignments" },
{ "$ref": "https://schema.management.azure.com/schemas/2020-06-14/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases_principalassignments" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases_dataconnections" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_attacheddatabaseconfigurations" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_dataconnections" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_principalassignments" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases_principalassignments" },
{ "$ref": "https://schema.management.azure.com/schemas/2014-04-01/Microsoft.Insights.json#/resourceDefinitions/alertrules" },
{ "$ref": "https://schema.management.azure.com/schemas/2014-04-01/Microsoft.Insights.json#/resourceDefinitions/components" },
{ "$ref": "https://schema.management.azure.com/schemas/2014-04-01/Microsoft.Insights.json#/resourceDefinitions/autoscalesettings" },
diff --git a/schemas/2015-06-01-preview/Microsoft.Security.json b/schemas/2015-06-01-preview/Microsoft.Security.json
index e81cd23730..c33a60dcba 100644
--- a/schemas/2015-06-01-preview/Microsoft.Security.json
+++ b/schemas/2015-06-01-preview/Microsoft.Security.json
@@ -4,10 +4,23 @@
"title": "Microsoft.Security",
"description": "Microsoft Security Resource Types",
"resourceDefinitions": {
- "jitNetworkAccessPolicies": {
+ "locations_jitNetworkAccessPolicies": {
"type": "object",
- "description": "Create a policy for protecting resources using Just-in-Time access control",
"properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2015-06-01-preview"
+ ]
+ },
+ "kind": {
+ "type": "string",
+ "description": "Kind of the resource"
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of a Just-in-Time access configuration policy."
+ },
"properties": {
"oneOf": [
{
@@ -16,300 +29,678 @@
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
- ],
- "description": "Security contact data"
+ ]
},
"type": {
"type": "string",
- "enum": ["Microsoft.Security/locations/jitNetworkAccessPolicies"]
+ "enum": [
+ "Microsoft.Security/locations/jitNetworkAccessPolicies"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/locations/jitNetworkAccessPolicies"
+ }
+ },
+ "subscription_resourceDefinitions": {
+ "locations_applicationWhitelistings": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2015-06-01-preview"
+ ]
+ },
+ "enforcementMode": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Audit",
+ "Enforce",
+ "None"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The enforcement mode of the group. Can also be defined per collection type by using ProtectionMode."
},
"name": {
"type": "string",
- "description": "jit network access name"
+ "description": "Name of an application control VM/server group"
},
- "kind": {
+ "pathRecommendations": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/PathRecommendation"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "protectionMode": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ProtectionMode"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux."
+ },
+ "type": {
"type": "string",
- "enum": ["Basic"]
+ "enum": [
+ "Microsoft.Security/locations/applicationWhitelistings"
+ ]
},
- "apiVersion": {
- "enum": ["2015-06-01-preview"]
+ "vmRecommendations": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/VmRecommendation"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
}
},
"required": [
- "name",
"apiVersion",
- "kind",
- "properties"
- ]
+ "name",
+ "type"
+ ],
+ "description": "Microsoft.Security/locations/applicationWhitelistings"
}
},
"definitions": {
- "Resource": {
+ "JitNetworkAccessPolicyProperties": {
"type": "object",
- "description": "Describes an Azure resource.",
"properties": {
- "name": {
- "readOnly": true,
- "type": "string",
- "description": "Resource name"
+ "requests": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/JitNetworkAccessRequest"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
},
- "type": {
- "readOnly": true,
- "type": "string",
- "description": "Resource type"
+ "virtualMachines": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/JitNetworkAccessPolicyVirtualMachine"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Configurations for Microsoft.Compute/virtualMachines resource type."
}
},
- "x-ms-azure-resource": true
+ "required": [
+ "virtualMachines"
+ ]
},
- "Kind": {
+ "JitNetworkAccessPolicyVirtualMachine": {
"type": "object",
- "description": "Describes an Azure resource with kind",
"properties": {
- "kind": {
+ "id": {
"type": "string",
- "description": "Kind of the resource"
- }
- }
- },
- "Location": {
- "type": "object",
- "description": "Describes an Azure resource with location",
- "properties": {
- "location": {
- "readOnly": true,
+ "description": "Resource ID of the virtual machine that is linked to this policy"
+ },
+ "ports": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/JitNetworkAccessPortRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Port configurations for the virtual machine"
+ },
+ "publicIpAddress": {
"type": "string",
- "description": "Location where the resource is stored"
+ "description": "Public IP address of the Azure Firewall that is linked to this policy, if applicable"
}
- }
+ },
+ "required": [
+ "id",
+ "ports"
+ ]
},
- "JitNetworkAccessPoliciesList": {
+ "JitNetworkAccessPortRule": {
"type": "object",
"properties": {
- "value": {
- "type": "array",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessPolicy"
- }
- },
- "nextLink": {
- "readOnly": true,
+ "allowedSourceAddressPrefix": {
"type": "string",
- "description": "The URI to fetch the next page."
+ "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
+ },
+ "allowedSourceAddressPrefixes": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter."
+ },
+ "maxRequestAccessDuration": {
+ "type": "string",
+ "description": "Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day"
+ },
+ "number": {
+ "oneOf": [
+ {
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 65535
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "protocol": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "TCP",
+ "UDP",
+ "*"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
}
- }
+ },
+ "required": [
+ "maxRequestAccessDuration",
+ "number",
+ "protocol"
+ ]
},
- "JitNetworkAccessPolicy": {
+ "JitNetworkAccessRequest": {
"type": "object",
"properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "$ref": "#/definitions/JitNetworkAccessPolicyProperties"
- }
- },
- "required": ["properties"],
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
+ "justification": {
+ "type": "string",
+ "description": "The justification for making the initiate request"
},
- {
- "$ref": "#/definitions/Kind"
+ "requestor": {
+ "type": "string",
+ "description": "The identity of the person who made the request"
+ },
+ "startTimeUtc": {
+ "type": "string",
+ "format": "date-time",
+ "description": "The start time of the request in UTC"
},
- {
- "$ref": "#/definitions/Location"
+ "virtualMachines": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/JitNetworkAccessRequestVirtualMachine"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
}
+ },
+ "required": [
+ "requestor",
+ "startTimeUtc",
+ "virtualMachines"
]
},
- "JitNetworkAccessPolicyProperties": {
+ "JitNetworkAccessRequestPort": {
"type": "object",
"properties": {
- "virtualMachines": {
- "type": "array",
- "description": "Configurations for Microsoft.Compute/virtualMachines resource type.",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessPolicyVirtualMachine"
- }
+ "allowedSourceAddressPrefix": {
+ "type": "string",
+ "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
},
- "requests": {
- "type": "array",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessRequest"
- }
+ "allowedSourceAddressPrefixes": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter."
},
- "provisioningState": {
+ "endTimeUtc": {
"type": "string",
- "readOnly": true,
- "description": "Gets the provisioning state of the Just-in-Time policy."
+ "format": "date-time",
+ "description": "The date & time at which the request ends in UTC"
+ },
+ "mappedPort": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The port which is mapped to this port's `number` in the Azure Firewall, if applicable"
+ },
+ "number": {
+ "oneOf": [
+ {
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 65535
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "status": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Revoked",
+ "Initiated"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The status of the port."
+ },
+ "statusReason": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Expired",
+ "UserRequested",
+ "NewerRequestInitiated"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A description of why the `status` has its value."
}
},
- "required": ["virtualMachines"]
+ "required": [
+ "endTimeUtc",
+ "number",
+ "status",
+ "statusReason"
+ ]
},
- "JitNetworkAccessPolicyVirtualMachine": {
+ "JitNetworkAccessRequestVirtualMachine": {
"type": "object",
- "required": ["id", "ports"],
"properties": {
"id": {
"type": "string",
"description": "Resource ID of the virtual machine that is linked to this policy"
},
"ports": {
- "type": "array",
- "description": "Port configurations for the virtual machine",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessPortRule"
- }
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/JitNetworkAccessRequestPort"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The ports that were opened for the virtual machine"
}
- }
+ },
+ "required": [
+ "id",
+ "ports"
+ ]
},
- "JitNetworkAccessPortRule": {
+ "PathRecommendation": {
"type": "object",
"properties": {
- "number": {
- "$ref": "#/definitions/PortNumber"
+ "action": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Recommended",
+ "Add",
+ "Remove"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
},
- "protocol": {
- "type": "string",
- "enum": ["TCP", "UDP", "*"],
- "x-ms-enum": {
- "name": "protocol",
- "modelAsString": true,
- "values": [
- {
- "value": "TCP"
- },
- {
- "value": "UDP"
- },
- {
- "value": "*",
- "name": "All"
- }
- ]
- }
+ "common": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Whether the path is commonly run on the machine"
},
- "allowedSourceAddressPrefix": {
- "type": "string",
- "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
+ "configurationStatus": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Configured",
+ "NotConfigured",
+ "InProgress",
+ "Failed",
+ "NoStatus"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
},
- "allowedSourceAddressPrefixes": {
- "type": "array",
- "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.",
- "items": {
- "type": "string",
- "description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
- }
+ "fileType": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Exe",
+ "Dll",
+ "Msi",
+ "Script",
+ "Executable",
+ "Unknown"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
},
- "maxRequestAccessDuration": {
+ "path": {
"type": "string",
- "description": "Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day"
+ "description": "The full path to whitelist"
+ },
+ "publisherInfo": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/PublisherInfo"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Represents the publisher information of a process/rule"
+ },
+ "type": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "File",
+ "FileHash",
+ "PublisherSignature",
+ "ProductSignature",
+ "BinarySignature",
+ "VersionAndAboveSignature"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "usernames": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/UserRecommendation"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "userSids": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
}
},
- "required": ["maxRequestAccessDuration", "number", "protocol"]
+ "description": "Represents a path that is recommended to be allowed and its properties"
},
- "JitNetworkAccessRequest": {
+ "ProtectionMode": {
"type": "object",
"properties": {
- "virtualMachines": {
- "type": "array",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessRequestVirtualMachine"
- }
+ "exe": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Audit",
+ "Enforce",
+ "None"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
},
- "startTimeUtc": {
- "type": "string",
- "format": "date-time",
- "description": "The start time of the request in UTC"
+ "executable": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Audit",
+ "Enforce",
+ "None"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
},
- "requestor": {
- "type": "string",
- "description": "The identity of the person who made the request"
+ "msi": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Audit",
+ "Enforce",
+ "None"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "script": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Audit",
+ "Enforce",
+ "None"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
}
},
- "required": ["requestor", "startTimeUtc", "virtualMachines"]
+ "description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux."
},
- "JitNetworkAccessRequestVirtualMachine": {
+ "PublisherInfo": {
"type": "object",
- "required": ["id", "ports"],
"properties": {
- "id": {
+ "binaryName": {
"type": "string",
- "description": "Resource ID of the virtual machine that is linked to this policy"
+ "description": "The \"OriginalName\" field taken from the file's version resource"
},
- "ports": {
- "type": "array",
- "description": "The ports that were opened for the virtual machine",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessRequestPort"
- }
+ "productName": {
+ "type": "string",
+ "description": "The product name taken from the file's version resource"
+ },
+ "publisherName": {
+ "type": "string",
+ "description": "The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country"
+ },
+ "version": {
+ "type": "string",
+ "description": "The binary file version taken from the file's version resource"
}
- }
+ },
+ "description": "Represents the publisher information of a process/rule"
},
- "JitNetworkAccessRequestPort": {
+ "UserRecommendation": {
"type": "object",
"properties": {
- "number": {
- "$ref": "#/definitions/PortNumber"
+ "recommendationAction": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Recommended",
+ "Add",
+ "Remove"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
},
- "allowedSourceAddressPrefix": {
+ "username": {
"type": "string",
- "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
- },
- "allowedSourceAddressPrefixes": {
- "type": "array",
- "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.",
- "items": {
- "description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\".",
- "type": "string"
- }
+ "description": "Represents a user that is recommended to be allowed for a certain rule"
+ }
+ },
+ "description": "Represents a user that is recommended to be allowed for a certain rule"
+ },
+ "VmRecommendation": {
+ "type": "object",
+ "properties": {
+ "configurationStatus": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Configured",
+ "NotConfigured",
+ "InProgress",
+ "Failed",
+ "NoStatus"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
},
- "endTimeUtc": {
- "type": "string",
- "format": "date-time",
- "description": "The date & time at which the request ends in UTC"
+ "enforcementSupport": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Supported",
+ "NotSupported",
+ "Unknown"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
},
- "status": {
- "type": "string",
- "description": "The status of the port",
- "enum": ["Revoked", "Initiated"],
- "x-ms-enum": {
- "name": "status",
- "modelAsString": true,
- "values": [
- {
- "value": "Revoked"
- },
- {
- "value": "Initiated"
- }
- ]
- }
+ "recommendationAction": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Recommended",
+ "Add",
+ "Remove"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
},
- "statusReason": {
+ "resourceId": {
"type": "string",
- "description": "A description of why the `status` has its value",
- "enum": ["Expired", "UserRequested", "NewerRequestInitiated"],
- "x-ms-enum": {
- "name": "statusReason",
- "modelAsString": true,
- "values": [
- {
- "value": "Expired"
- },
- {
- "value": "UserRequested"
- },
- {
- "value": "NewerRequestInitiated"
- }
- ]
- }
+ "description": "The full azure resource id of the machine"
}
},
- "required": ["endTimeUtc", "number", "status", "statusReason"]
- },
- "PortNumber": {
- "type": "integer",
- "minimum": 0,
- "maximum": 65535
+ "description": "Represents a machine that is part of a VM/server group"
}
}
}
diff --git a/schemas/2017-08-01-preview/Microsoft.Security.json b/schemas/2017-08-01-preview/Microsoft.Security.json
index 70edec2280..0edf15eb3f 100644
--- a/schemas/2017-08-01-preview/Microsoft.Security.json
+++ b/schemas/2017-08-01-preview/Microsoft.Security.json
@@ -2,751 +2,1524 @@
"id": "https://schema.management.azure.com/schemas/2017-08-01-preview/Microsoft.Security.json#",
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Microsoft.Security",
- "description": "Microsoft Security service",
+ "description": "Microsoft Security Resource Types",
"resourceDefinitions": {
- "pricings": {
+ "iotSecuritySolutions": {
"type": "object",
- "description": "Pricing tier will be applied for the scope based on the resource ID",
"properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2017-08-01-preview"
+ ]
+ },
+ "location": {
+ "type": "string",
+ "description": "The resource location."
+ },
+ "name": {
+ "type": "string",
+ "description": "The solution manager name"
+ },
"properties": {
"oneOf": [
{
- "$ref": "#/definitions/PricingProperties"
+ "$ref": "#/definitions/IoTSecuritySolutionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
- "description": "Security contact data"
- },
- "apiVersion": {
- "enum": ["2017-08-01-preview"]
+ "description": "Security Solution setting data"
},
- "name": {
- "type": "string",
- "description": "pricings name"
+ "tags": {
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ },
+ "properties": {}
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Resource tags"
},
"type": {
"type": "string",
- "enum": ["Microsoft.Security/pricings"]
+ "enum": [
+ "Microsoft.Security/iotSecuritySolutions"
+ ]
}
},
"required": [
- "name",
"apiVersion",
- "properties"
- ]
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/iotSecuritySolutions"
},
- "securityContacts": {
+ "pricings": {
"type": "object",
- "description": "Contact details for security issues",
"properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2017-08-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "name of the pricing configuration"
+ },
"properties": {
"oneOf": [
{
- "$ref": "#/definitions/SecurityContactProperties"
+ "$ref": "#/definitions/PricingProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
- "description": "Security contact data"
- },
- "name": {
- "type": "string",
- "description": "security contact name"
+ "description": "Pricing data"
},
"type": {
"type": "string",
- "enum": ["Microsoft.Security/securityContacts"]
- },
- "apiVersion": {
- "enum": ["2017-08-01-preview"]
+ "enum": [
+ "Microsoft.Security/pricings"
+ ]
}
},
"required": [
- "name",
"apiVersion",
- "properties"
- ]
- },
- "workspaceSettings": {
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/pricings"
+ }
+ },
+ "subscription_resourceDefinitions": {
+ "autoProvisioningSettings": {
"type": "object",
- "description": "Configures where to store the OMS agent data for workspaces under a scope",
"properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2017-08-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "Auto provisioning setting key"
+ },
"properties": {
"oneOf": [
{
- "$ref": "#/definitions/WorkspaceSettingProperties"
+ "$ref": "#/definitions/AutoProvisioningSettingProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
- "description": "Workspace setting data"
- },
- "name": {
- "type": "string",
- "description": "workspace name"
+ "description": "describes properties of an auto provisioning setting"
},
"type": {
"type": "string",
- "enum": ["Microsoft.Security/workspaceSettings"]
- },
- "apiVersion": {
- "enum": ["2017-08-01-preview"]
+ "enum": [
+ "Microsoft.Security/autoProvisioningSettings"
+ ]
}
},
"required": [
- "name",
"apiVersion",
- "properties"
- ]
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/autoProvisioningSettings"
},
- "autoProvisioningSettings": {
+ "pricings": {
"type": "object",
- "description": "Auto provisioning setting",
"properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2017-08-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "name of the pricing configuration"
+ },
"properties": {
"oneOf": [
{
- "$ref": "#/definitions/AutoProvisioningSettingProperties"
+ "$ref": "#/definitions/PricingProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
- "description": "Auto provisioning setting data"
- },
- "name": {
- "type": "string",
- "description": "auto provisioning setting name"
+ "description": "Pricing data"
},
"type": {
"type": "string",
- "enum": ["Microsoft.Security/autoProvisioningSettings"]
- },
- "apiVersion": {
- "enum": ["2017-08-01-preview"]
+ "enum": [
+ "Microsoft.Security/pricings"
+ ]
}
},
"required": [
- "name",
"apiVersion",
- "properties"
- ]
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/pricings"
},
- "advancedThreatProtectionSettings": {
+ "securityContacts": {
"type": "object",
- "description": "The Advanced Threat Protection resource",
"properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2017-08-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of the security contact object"
+ },
"properties": {
"oneOf": [
{
- "$ref": "#/definitions/AdvancedThreatProtectionProperties"
+ "$ref": "#/definitions/SecurityContactProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
- "description": "The Advanced Threat Protection resource"
- },
- "name": {
- "type": "string",
- "description": "advanced threat protection setting name"
+ "description": "describes security contact properties"
},
"type": {
"type": "string",
- "enum": ["Microsoft.Security/advancedThreatProtectionSettings"]
- },
- "apiVersion": {
- "enum": ["2017-08-01-preview"]
+ "enum": [
+ "Microsoft.Security/securityContacts"
+ ]
}
},
"required": [
- "name",
"apiVersion",
- "properties"
- ]
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/securityContacts"
},
"settings": {
"type": "object",
- "description": "Represents a security setting in Azure Security Center",
- "discriminator": "kind",
"properties": {
- "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2017-08-01-preview"
+ ]
+ },
+ "kind": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "DataExportSetting",
+ "AlertSuppressionSetting"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "the kind of the settings string (DataExportSetting)."
+ },
+ "name": {
"oneOf": [
{
- "$ref": "#/definitions/SettingResource"
+ "type": "string",
+ "enum": [
+ "MCAS",
+ "WDATP"
+ ]
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
- "description": "Settings"
+ "description": "Name of setting: (MCAS/WDATP)."
},
"type": {
"type": "string",
- "enum": ["Microsoft.Security/settings"]
- },
- "apiVersion": {
- "enum": ["2017-08-01-preview"]
+ "enum": [
+ "Microsoft.Security/settings"
+ ]
}
},
"required": [
- "name",
- "kind",
"apiVersion",
- "properties"
- ]
+ "kind",
+ "name",
+ "type"
+ ],
+ "description": "Microsoft.Security/settings"
},
- "informationProtectionPolicies": {
+ "workspaceSettings": {
"type": "object",
- "description": "Information protection policy.",
"properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2017-08-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of the security setting"
+ },
"properties": {
"oneOf": [
{
- "$ref": "#/definitions/InformationProtectionPolicyProperties"
+ "$ref": "#/definitions/WorkspaceSettingProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
- "description": "Information protection policy data"
- },
- "name": {
- "type": "string",
- "description": "information protection policy name"
+ "description": "Workspace setting data"
},
"type": {
"type": "string",
- "enum": ["Microsoft.Security/informationProtectionPolicies"]
- },
- "apiVersion": {
- "enum": ["2017-08-01-preview"]
+ "enum": [
+ "Microsoft.Security/workspaceSettings"
+ ]
}
},
"required": [
- "name",
"apiVersion",
- "properties"
- ]
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/workspaceSettings"
}
},
- "definitions": {
- "Resource": {
+ "unknown_resourceDefinitions": {
+ "advancedThreatProtectionSettings": {
"type": "object",
- "description": "Describes an Azure resource.",
"properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2017-08-01-preview"
+ ]
+ },
"name": {
- "readOnly": true,
"type": "string",
- "description": "Resource name"
+ "description": "Advanced Threat Protection setting name."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AdvancedThreatProtectionProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The Advanced Threat Protection settings."
},
"type": {
- "readOnly": true,
"type": "string",
- "description": "Resource type"
+ "enum": [
+ "Microsoft.Security/advancedThreatProtectionSettings"
+ ]
}
},
- "x-ms-azure-resource": true
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/advancedThreatProtectionSettings"
},
- "Kind": {
+ "deviceSecurityGroups": {
"type": "object",
- "description": "Describes an Azure resource with kind",
"properties": {
- "kind": {
+ "apiVersion": {
"type": "string",
- "description": "Kind of the resource"
- }
- }
- },
- "SecurityContactList": {
- "type": "object",
- "description": "List of security contacts response",
- "properties": {
- "value": {
- "readOnly": true,
- "description": "List of security contacts",
- "type": "array",
- "items": {
- "$ref": "#/definitions/SecurityContact"
- }
+ "enum": [
+ "2017-08-01-preview"
+ ]
},
- "nextLink": {
- "readOnly": true,
+ "name": {
"type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "SecurityContact": {
- "type": "object",
- "description": "Contact details for security issues",
- "properties": {
+ "description": "The name of the device security group. Note that the name of the device security group is case insensitive."
+ },
"properties": {
- "x-ms-client-flatten": true,
- "description": "Security contact data",
- "$ref": "#/definitions/SecurityContactProperties"
+ "oneOf": [
+ {
+ "$ref": "#/definitions/DeviceSecurityGroupProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "describes properties of a security group."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/deviceSecurityGroups"
+ ]
}
},
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/deviceSecurityGroups"
},
- "SecurityContactProperties": {
+ "informationProtectionPolicies": {
"type": "object",
- "description": "describes security contact properties",
"properties": {
- "email": {
+ "apiVersion": {
"type": "string",
- "format": "email",
- "description": "The email of this security contact"
+ "enum": [
+ "2017-08-01-preview"
+ ]
},
- "phone": {
- "type": "string",
- "description": "The phone number of this security contact"
+ "name": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "effective",
+ "custom"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Name of the information protection policy."
},
- "alertNotifications": {
- "type": "string",
- "enum": ["On", "Off"],
- "x-ms-enum": {
- "name": "alertNotifications",
- "modelAsString": true,
- "values": [
- {
- "value": "On",
- "description": "Get notifications on new alerts"
- },
- {
- "value": "Off",
- "description": "Don't get notifications on new alerts"
- }
- ]
- },
- "description": "Whether to send security alerts notifications to the security contact"
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/InformationProtectionPolicyProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "describes properties of an information protection policy."
},
- "alertsToAdmins": {
+ "type": {
"type": "string",
- "enum": ["On", "Off"],
- "x-ms-enum": {
- "name": "alertsToAdmins",
- "modelAsString": true,
- "values": [
- {
- "value": "On",
- "description": "Send notification on new alerts to the subscription's admins"
- },
- {
- "value": "Off",
- "description": "Don't send notification on new alerts to the subscription's admins"
- }
- ]
- },
- "description": "Whether to send security alerts notifications to subscription admins"
+ "enum": [
+ "Microsoft.Security/informationProtectionPolicies"
+ ]
}
},
- "required": ["email", "alertNotifications", "alertsToAdmins"]
- },
- "PricingList": {
- "description": "List of pricing configurations response",
- "required": ["value"],
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/informationProtectionPolicies"
+ }
+ },
+ "definitions": {
+ "ActiveConnectionsNotInAllowedRange": {
+ "type": "object",
"properties": {
- "value": {
- "type": "array",
- "description": "List of pricing configurations",
- "items": {
- "$ref": "#/definitions/Pricing"
- }
- },
- "nextLink": {
- "readOnly": true,
+ "ruleType": {
"type": "string",
- "description": "The URI to fetch the next page."
+ "enum": [
+ "ActiveConnectionsNotInAllowedRange"
+ ]
}
- }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of active connections is not in allowed range."
},
- "Pricing": {
+ "AdvancedThreatProtectionProperties": {
"type": "object",
- "description": "Pricing tier will be applied for the scope based on the resource ID",
"properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Pricing data",
- "$ref": "#/definitions/PricingProperties"
+ "isEnabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Indicates whether Advanced Threat Protection is enabled."
}
},
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
+ "description": "The Advanced Threat Protection settings."
},
- "PricingProperties": {
+ "AllowlistCustomAlertRule": {
"type": "object",
- "description": "Pricing data",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ConnectionToIpNotAllowed"
+ },
+ {
+ "$ref": "#/definitions/LocalUserNotAllowed"
+ },
+ {
+ "$ref": "#/definitions/ProcessNotAllowed"
+ }
+ ],
"properties": {
- "pricingTier": {
- "type": "string",
- "description": "Pricing tier type",
- "enum": ["Free", "Standard"],
- "x-ms-enum": {
- "name": "pricingTier",
- "modelAsString": true,
- "values": [
- {
- "value": "Free",
- "description": "Get free Azure security center experience with basic security features"
- },
- {
- "value": "Standard",
- "description": "Get the standard Azure security center experience with advanced security features"
+ "allowlistValues": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
}
- ]
- }
- }
- },
- "required": ["pricingTier"]
- },
- "WorkspaceSettingList": {
- "description": "List of workspace settings response",
- "required": ["value"],
- "properties": {
- "value": {
- "type": "array",
- "description": "List of workspace settings",
- "items": {
- "$ref": "#/definitions/WorkspaceSetting"
- }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The values to allow. The format of the values depends on the rule type."
},
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
+ "isEnabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Status of the custom alert."
}
- }
+ },
+ "required": [
+ "allowlistValues",
+ "isEnabled"
+ ],
+ "description": "A custom alert rule that checks if a value (depends on the custom alert type) is allowed."
},
- "WorkspaceSetting": {
+ "AmqpC2DMessagesNotInAllowedRange": {
"type": "object",
- "description": "Configures where to store the OMS agent data for workspaces under a scope",
"properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Workspace setting data",
- "$ref": "#/definitions/WorkspaceSettingProperties"
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "AmqpC2DMessagesNotInAllowedRange"
+ ]
}
},
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of cloud to device messages (AMQP protocol) is not in allowed range."
},
- "WorkspaceSettingProperties": {
+ "AmqpC2DRejectedMessagesNotInAllowedRange": {
"type": "object",
- "description": "Workspace setting data",
"properties": {
- "workspaceId": {
- "type": "string",
- "description": "The full Azure ID of the workspace to save the data in"
- },
- "scope": {
+ "ruleType": {
"type": "string",
- "description": "All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope"
+ "enum": [
+ "AmqpC2DRejectedMessagesNotInAllowedRange"
+ ]
}
},
- "required": ["workspaceId", "scope"]
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range."
},
- "AutoProvisioningSettingList": {
+ "AmqpD2CMessagesNotInAllowedRange": {
"type": "object",
- "description": "List of all the auto provisioning settings response",
"properties": {
- "value": {
- "description": "List of all the auto provisioning settings",
- "type": "array",
- "items": {
- "$ref": "#/definitions/AutoProvisioningSetting"
- }
- },
- "nextLink": {
- "readOnly": true,
+ "ruleType": {
"type": "string",
- "description": "The URI to fetch the next page."
+ "enum": [
+ "AmqpD2CMessagesNotInAllowedRange"
+ ]
}
- }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of device to cloud messages (AMQP protocol) is not in allowed range."
},
- "AutoProvisioningSetting": {
+ "AutoProvisioningSettingProperties": {
"type": "object",
- "description": "Auto provisioning setting",
"properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Auto provisioning setting data",
- "$ref": "#/definitions/AutoProvisioningSettingProperties"
+ "autoProvision": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "On",
+ "Off"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Describes what kind of security agent provisioning action to take."
}
},
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
+ "required": [
+ "autoProvision"
+ ],
+ "description": "describes properties of an auto provisioning setting"
},
- "AutoProvisioningSettingProperties": {
+ "ConnectionToIpNotAllowed": {
"type": "object",
- "description": "describes properties of an auto provisioning setting",
"properties": {
- "autoProvision": {
+ "ruleType": {
"type": "string",
- "description": "Describes what kind of security agent provisioning action to take",
- "enum": ["On", "Off"],
- "x-ms-enum": {
- "name": "autoProvision",
- "modelAsString": true,
- "values": [
- {
- "value": "On",
- "description": "Install missing security agent on VMs automatically"
- },
- {
- "value": "Off",
- "description": "Do not install security agent on the VMs automatically"
- }
- ]
- }
+ "enum": [
+ "ConnectionToIpNotAllowed"
+ ]
}
},
- "required": ["autoProvision"]
+ "required": [
+ "ruleType"
+ ],
+ "description": "Outbound connection to an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation."
},
- "AdvancedThreatProtectionProperties": {
+ "DenylistCustomAlertRule": {
+ "type": "object",
"properties": {
+ "denylistValues": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The values to deny. The format of the values depends on the rule type."
+ },
"isEnabled": {
- "type": "boolean",
- "description": "Indicates whether Advanced Threat Protection is enabled."
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Status of the custom alert."
}
},
- "description": "The Advanced Threat Protection settings."
+ "required": [
+ "denylistValues",
+ "isEnabled"
+ ],
+ "description": "A custom alert rule that checks if a value (depends on the custom alert type) is denied."
},
- "AdvancedThreatProtectionSetting": {
+ "DeviceSecurityGroupProperties": {
"type": "object",
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ],
"properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "$ref": "#/definitions/AdvancedThreatProtectionProperties"
+ "allowlistRules": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/AllowlistCustomAlertRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The allow-list custom alert rules."
+ },
+ "denylistRules": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/DenylistCustomAlertRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The deny-list custom alert rules."
+ },
+ "thresholdRules": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ThresholdCustomAlertRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The list of custom alert threshold rules."
+ },
+ "timeWindowRules": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/TimeWindowCustomAlertRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The list of custom alert time-window rules."
}
},
- "description": "The Advanced Threat Protection resource."
+ "description": "describes properties of a security group."
},
- "SettingsList": {
+ "DirectMethodInvokesNotInAllowedRange": {
"type": "object",
- "description": "Subscription settings list.",
"properties": {
- "value": {
- "type": "array",
- "description": "The settings list.",
- "items": {
- "$ref": "#/definitions/Setting"
- }
- },
- "nextLink": {
- "readOnly": true,
+ "ruleType": {
"type": "string",
- "description": "The URI to fetch the next page."
+ "enum": [
+ "DirectMethodInvokesNotInAllowedRange"
+ ]
}
- }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of direct method invokes is not in allowed range."
},
- "Setting": {
+ "FailedLocalLoginsNotInAllowedRange": {
"type": "object",
- "description": "Represents a security setting in Azure Security Center.",
- "discriminator": "kind",
- "properties": {},
- "allOf": [
- {
- "$ref": "#/definitions/SettingResource"
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "FailedLocalLoginsNotInAllowedRange"
+ ]
}
- ]
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of failed local logins is not in allowed range."
},
- "SettingResource": {
+ "FileUploadsNotInAllowedRange": {
"type": "object",
- "description": "The kind of the security setting",
"properties": {
- "kind": {
+ "ruleType": {
"type": "string",
- "description": "the kind of the settings string (DataExportSetting)",
- "enum": ["DataExportSetting", "AlertSuppressionSetting"],
- "x-ms-enum": {
- "name": "SettingKind",
- "modelAsString": true,
- "values": [
- {
- "value": "DataExportSetting"
- },
- {
- "value": "AlertSuppressionSetting"
- }
- ]
- }
+ "enum": [
+ "FileUploadsNotInAllowedRange"
+ ]
}
},
- "required": ["kind"],
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of file uploads is not in allowed range."
},
- "DataExportSettingProperties": {
+ "HttpC2DMessagesNotInAllowedRange": {
"type": "object",
- "description": "The data export setting properties",
"properties": {
- "enabled": {
- "type": "boolean",
- "description": "Is the data export setting is enabled"
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "HttpC2DMessagesNotInAllowedRange"
+ ]
}
},
- "required": ["enabled"]
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of cloud to device messages (HTTP protocol) is not in allowed range."
},
- "InformationProtectionPolicyList": {
+ "HttpC2DRejectedMessagesNotInAllowedRange": {
"type": "object",
- "readOnly": true,
- "description": "Information protection policies response.",
"properties": {
- "value": {
- "type": "array",
- "description": "List of information protection policies.",
- "items": {
- "$ref": "#/definitions/InformationProtectionPolicy"
- }
- },
- "nextLink": {
- "readOnly": true,
+ "ruleType": {
"type": "string",
- "description": "The URI to fetch the next page."
+ "enum": [
+ "HttpC2DRejectedMessagesNotInAllowedRange"
+ ]
}
- }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range."
},
- "InformationProtectionPolicy": {
+ "HttpD2CMessagesNotInAllowedRange": {
"type": "object",
- "description": "Information protection policy.",
"properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Information protection policy data",
- "$ref": "#/definitions/InformationProtectionPolicyProperties"
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "HttpD2CMessagesNotInAllowedRange"
+ ]
}
},
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of device to cloud messages (HTTP protocol) is not in allowed range."
},
- "InformationProtectionPolicyProperties": {
+ "InformationProtectionKeyword": {
"type": "object",
- "description": "describes properties of an information protection policy.",
"properties": {
- "lastModifiedUtc": {
- "type": "string",
- "format": "date-time",
- "readOnly": true,
- "description": "Describes the last UTC time the policy was modified."
+ "canBeNumeric": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Indicates whether the keyword can be applied on numeric types or not."
},
- "labels": {
- "type": "object",
- "description": "Dictionary of sensitivity labels.",
- "additionalProperties": {
- "$ref": "#/definitions/SensitivityLabel"
- }
+ "custom": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Indicates whether the keyword is custom or not."
},
- "informationTypes": {
- "type": "object",
- "description": "The sensitivity information types.",
- "additionalProperties": {
- "$ref": "#/definitions/InformationType"
- }
+ "excluded": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Indicates whether the keyword is excluded or not."
+ },
+ "pattern": {
+ "type": "string",
+ "description": "The keyword pattern."
}
- }
+ },
+ "description": "The information type keyword."
},
- "SensitivityLabel": {
+ "InformationProtectionPolicyProperties": {
"type": "object",
- "description": "The sensitivity label.",
"properties": {
- "displayName": {
- "type": "string",
- "description": "The name of the sensitivity label."
- },
- "order": {
- "type": "number",
- "description": "The order of the sensitivity label."
+ "informationTypes": {
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": {
+ "$ref": "#/definitions/InformationType"
+ },
+ "properties": {}
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The sensitivity information types."
},
- "enabled": {
- "type": "boolean",
- "description": "Indicates whether the label is enabled or not."
+ "labels": {
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": {
+ "$ref": "#/definitions/SensitivityLabel"
+ },
+ "properties": {}
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Dictionary of sensitivity labels."
}
- }
+ },
+ "description": "describes properties of an information protection policy."
},
"InformationType": {
"type": "object",
- "description": "The information type.",
"properties": {
- "displayName": {
- "type": "string",
- "description": "The name of the information type."
+ "custom": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Indicates whether the information type is custom or not."
},
- "order": {
- "type": "number",
- "description": "The order of the information type."
+ "description": {
+ "type": "string",
+ "description": "The description of the information type."
},
- "recommendedLabelId": {
+ "displayName": {
"type": "string",
- "format": "uuid",
- "description": "The recommended label id to be associated with this information type."
+ "description": "The name of the information type."
},
"enabled": {
- "type": "boolean",
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
"description": "Indicates whether the information type is enabled or not."
},
- "custom": {
- "type": "boolean",
- "description": "Indicates whether the information type is custom or not."
- },
"keywords": {
- "type": "array",
- "description": "The information type keywords.",
- "items": {
- "$ref": "#/definitions/InformationProtectionKeyword"
- }
- }
- }
- },
- "InformationProtectionKeyword": {
- "type": "object",
- "description": "The information type keyword.",
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/InformationProtectionKeyword"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The information type keywords."
+ },
+ "order": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The order of the information type."
+ },
+ "recommendedLabelId": {
+ "oneOf": [
+ {
+ "type": "string",
+ "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The recommended label id to be associated with this information type."
+ }
+ },
+ "description": "The information type."
+ },
+ "IoTSecuritySolutionProperties": {
+ "type": "object",
"properties": {
- "pattern": {
+ "disabledDataSources": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "enum": [
+ "TwinData"
+ ]
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Disabled data sources. Disabling these data sources compromises the system."
+ },
+ "displayName": {
"type": "string",
- "description": "The keyword pattern."
+ "description": "Resource display name."
},
- "custom": {
- "type": "boolean",
- "description": "Indicates whether the keyword is custom or not."
+ "export": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "enum": [
+ "RawEvents"
+ ]
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "List of additional export to workspace data options"
},
- "canBeNumeric": {
- "type": "boolean",
- "description": "Indicates whether the keyword can be applied on numeric types or not."
+ "iotHubs": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "IoT Hub resource IDs"
},
- "excluded": {
- "type": "boolean",
- "description": "Indicates whether the keyword is excluded or not."
+ "recommendationsConfiguration": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/RecommendationConfigurationProperties"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "List of recommendation configuration"
+ },
+ "status": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Enabled",
+ "Disabled"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Security solution status."
+ },
+ "userDefinedResources": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/UserDefinedResourcesProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Properties of the solution's user defined resources."
+ },
+ "workspace": {
+ "type": "string",
+ "description": "Workspace resource ID"
+ }
+ },
+ "required": [
+ "displayName",
+ "iotHubs",
+ "workspace"
+ ],
+ "description": "Security Solution setting data"
+ },
+ "LocalUserNotAllowed": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "LocalUserNotAllowed"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Login by a local user that isn't allowed. Allow list consists of login names to allow."
+ },
+ "MqttC2DMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "MqttC2DMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of cloud to device messages (MQTT protocol) is not in allowed range."
+ },
+ "MqttC2DRejectedMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "MqttC2DRejectedMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range."
+ },
+ "MqttD2CMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "MqttD2CMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of device to cloud messages (MQTT protocol) is not in allowed range."
+ },
+ "PricingProperties": {
+ "type": "object",
+ "properties": {
+ "pricingTier": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Free",
+ "Standard"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Pricing tier type."
}
- }
+ },
+ "required": [
+ "pricingTier"
+ ],
+ "description": "Pricing data"
+ },
+ "ProcessNotAllowed": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "ProcessNotAllowed"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Execution of a process that isn't allowed. Allow list consists of process names to allow."
+ },
+ "QueuePurgesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "QueuePurgesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of device queue purges is not in allowed range."
+ },
+ "RecommendationConfigurationProperties": {
+ "type": "object",
+ "properties": {
+ "recommendationType": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "IoT_ACRAuthentication",
+ "IoT_AgentSendsUnutilizedMessages",
+ "IoT_Baseline",
+ "IoT_EdgeHubMemOptimize",
+ "IoT_EdgeLoggingOptions",
+ "IoT_InconsistentModuleSettings",
+ "IoT_InstallAgent",
+ "IoT_IPFilter_DenyAll",
+ "IoT_IPFilter_PermissiveRule",
+ "IoT_OpenPorts",
+ "IoT_PermissiveFirewallPolicy",
+ "IoT_PermissiveInputFirewallRules",
+ "IoT_PermissiveOutputFirewallRules",
+ "IoT_PrivilegedDockerOptions",
+ "IoT_SharedCredentials",
+ "IoT_VulnerableTLSCipherSuite"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The recommendation type."
+ },
+ "status": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Disabled",
+ "Enabled"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Recommendation status. The recommendation is not generated when the status is disabled."
+ }
+ },
+ "required": [
+ "recommendationType",
+ "status"
+ ],
+ "description": "Recommendation configuration"
+ },
+ "SecurityContactProperties": {
+ "type": "object",
+ "properties": {
+ "alertNotifications": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "On",
+ "Off"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Whether to send security alerts notifications to the security contact."
+ },
+ "alertsToAdmins": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "On",
+ "Off"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Whether to send security alerts notifications to subscription admins."
+ },
+ "email": {
+ "type": "string",
+ "format": "email",
+ "description": "The email of this security contact"
+ },
+ "phone": {
+ "type": "string",
+ "description": "The phone number of this security contact"
+ }
+ },
+ "required": [
+ "alertNotifications",
+ "alertsToAdmins",
+ "email"
+ ],
+ "description": "describes security contact properties"
+ },
+ "SensitivityLabel": {
+ "type": "object",
+ "properties": {
+ "description": {
+ "type": "string",
+ "description": "The description of the sensitivity label."
+ },
+ "displayName": {
+ "type": "string",
+ "description": "The name of the sensitivity label."
+ },
+ "enabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Indicates whether the label is enabled or not."
+ },
+ "order": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The order of the sensitivity label."
+ },
+ "rank": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "None",
+ "Low",
+ "Medium",
+ "High",
+ "Critical"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The rank of the sensitivity label."
+ }
+ },
+ "description": "The sensitivity label."
+ },
+ "ThresholdCustomAlertRule": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/TimeWindowCustomAlertRule"
+ }
+ ],
+ "properties": {
+ "isEnabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Status of the custom alert."
+ },
+ "maxThreshold": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The maximum threshold."
+ },
+ "minThreshold": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The minimum threshold."
+ }
+ },
+ "required": [
+ "isEnabled",
+ "maxThreshold",
+ "minThreshold"
+ ],
+ "description": "A custom alert rule that checks if a value (depends on the custom alert type) is within the given range."
+ },
+ "TimeWindowCustomAlertRule": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ActiveConnectionsNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/AmqpC2DMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/MqttC2DMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/HttpC2DMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/AmqpC2DRejectedMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/MqttC2DRejectedMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/HttpC2DRejectedMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/AmqpD2CMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/MqttD2CMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/HttpD2CMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/DirectMethodInvokesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/FailedLocalLoginsNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/FileUploadsNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/QueuePurgesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/TwinUpdatesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/UnauthorizedOperationsNotInAllowedRange"
+ }
+ ],
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "TimeWindowCustomAlertRule"
+ ]
+ },
+ "timeWindowSize": {
+ "type": "string",
+ "format": "duration",
+ "description": "The time window size in iso8601 format."
+ }
+ },
+ "required": [
+ "ruleType",
+ "timeWindowSize"
+ ],
+ "description": "A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range."
+ },
+ "TwinUpdatesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "TwinUpdatesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of twin updates is not in allowed range."
+ },
+ "UnauthorizedOperationsNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "UnauthorizedOperationsNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of unauthorized operations is not in allowed range."
+ },
+ "UserDefinedResourcesProperties": {
+ "type": "object",
+ "properties": {
+ "query": {
+ "type": "string",
+ "description": "Azure Resource Graph query which represents the security solution's user defined resources. Required to start with \"where type != \"Microsoft.Devices/IotHubs\"\""
+ },
+ "querySubscriptions": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "List of Azure subscription ids on which the user defined resources query should be executed."
+ }
+ },
+ "required": [
+ "query",
+ "querySubscriptions"
+ ],
+ "description": "Properties of the solution's user defined resources."
+ },
+ "WorkspaceSettingProperties": {
+ "type": "object",
+ "properties": {
+ "scope": {
+ "type": "string",
+ "description": "All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope"
+ },
+ "workspaceId": {
+ "type": "string",
+ "description": "The full Azure ID of the workspace to save the data in"
+ }
+ },
+ "required": [
+ "scope",
+ "workspaceId"
+ ],
+ "description": "Workspace setting data"
}
}
}
diff --git a/schemas/2018-06-01/Microsoft.Security.json b/schemas/2018-06-01/Microsoft.Security.json
index 4aa52b7178..09ed3e2ec3 100644
--- a/schemas/2018-06-01/Microsoft.Security.json
+++ b/schemas/2018-06-01/Microsoft.Security.json
@@ -2,752 +2,73 @@
"id": "https://schema.management.azure.com/schemas/2018-06-01/Microsoft.Security.json#",
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Microsoft.Security",
- "description": "Microsoft Security service",
- "resourceDefinitions": {
+ "description": "Microsoft Security Resource Types",
+ "resourceDefinitions": {},
+ "subscription_resourceDefinitions": {
"pricings": {
"type": "object",
- "description": "Pricing tier will be applied for the scope based on the resource ID",
"properties": {
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/PricingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Security contact data"
- },
"apiVersion": {
- "enum": ["2018-06-01"]
- },
- "name": {
- "type": "string",
- "enum": ["VirtualMachines", "SqlServers", "AppServices"],
- "description": "pricings name"
- },
- "type": {
- "type": "string",
- "enum": ["Microsoft.Security/pricings"]
- }
- },
- "required": [
- "name",
- "apiVersion",
- "properties"
- ]
- },
- "securityContacts": {
- "type": "object",
- "description": "Contact details for security issues",
- "properties": {
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/SecurityContactProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Security contact data"
- },
- "name": {
- "type": "string",
- "description": "security contact name"
- },
- "type": {
"type": "string",
- "enum": ["Microsoft.Security/securityContacts"]
- },
- "apiVersion": {
- "enum": ["2018-06-01"]
- }
- },
- "required": [
- "name",
- "apiVersion",
- "properties"
- ]
- },
- "workspaceSettings": {
- "type": "object",
- "description": "Configures where to store the OMS agent data for workspaces under a scope",
- "properties": {
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/WorkspaceSettingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Workspace setting data"
- },
- "name": {
- "type": "string",
- "description": "workspace name"
- },
- "type": {
- "type": "string",
- "enum": ["Microsoft.Security/workspaceSettings"]
- },
- "apiVersion": {
- "enum": ["2018-06-01"]
- }
- },
- "required": [
- "name",
- "apiVersion",
- "properties"
- ]
- },
- "autoProvisioningSettings": {
- "type": "object",
- "description": "Auto provisioning setting",
- "properties": {
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/AutoProvisioningSettingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Auto provisioning setting data"
+ "enum": [
+ "2018-06-01"
+ ]
},
"name": {
"type": "string",
- "description": "auto provisioning setting name"
+ "description": "name of the pricing configuration"
},
- "type": {
- "type": "string",
- "enum": ["Microsoft.Security/autoProvisioningSettings"]
- },
- "apiVersion": {
- "enum": ["2018-06-01"]
- }
- },
- "required": [
- "name",
- "apiVersion",
- "properties"
- ]
- },
- "advancedThreatProtectionSettings": {
- "type": "object",
- "description": "The Advanced Threat Protection resource",
- "properties": {
"properties": {
"oneOf": [
{
- "$ref": "#/definitions/AdvancedThreatProtectionProperties"
+ "$ref": "#/definitions/PricingProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
- "description": "The Advanced Threat Protection resource"
- },
- "name": {
- "type": "string",
- "description": "advanced threat protection setting name"
+ "description": "Pricing properties for the relevant scope"
},
"type": {
"type": "string",
- "enum": ["Microsoft.Security/advancedThreatProtectionSettings"]
- },
- "apiVersion": {
- "enum": ["2018-06-01"]
+ "enum": [
+ "Microsoft.Security/pricings"
+ ]
}
},
"required": [
- "name",
"apiVersion",
- "properties"
- ]
- },
- "settings": {
- "type": "object",
- "description": "Represents a security setting in Azure Security Center",
- "discriminator": "kind",
- "properties": {
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/SettingResource"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Settings"
- },
- "type": {
- "type": "string",
- "enum": ["Microsoft.Security/settings"]
- },
- "apiVersion": {
- "enum": ["2018-06-01"]
- }
- },
- "required": [
"name",
- "kind",
- "apiVersion",
- "properties"
- ]
- },
- "informationProtectionPolicies": {
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/pricings"
+ }
+ },
+ "definitions": {
+ "PricingProperties": {
"type": "object",
- "description": "Information protection policy.",
"properties": {
- "properties": {
+ "pricingTier": {
"oneOf": [
{
- "$ref": "#/definitions/InformationProtectionPolicyProperties"
+ "type": "string",
+ "enum": [
+ "Free",
+ "Standard"
+ ]
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
- "description": "Information protection policy data"
- },
- "name": {
- "type": "string",
- "description": "information protection policy name"
- },
- "type": {
- "type": "string",
- "enum": ["Microsoft.Security/informationProtectionPolicies"]
- },
- "apiVersion": {
- "enum": ["2018-06-01"]
+ "description": "The pricing tier value. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features."
}
},
"required": [
- "name",
- "apiVersion",
- "properties"
- ]
- }
- },
- "definitions": {
- "Resource": {
- "type": "object",
- "description": "Describes an Azure resource.",
- "properties": {
- "name": {
- "readOnly": true,
- "type": "string",
- "description": "Resource name"
- },
- "type": {
- "readOnly": true,
- "type": "string",
- "description": "Resource type"
- }
- },
- "x-ms-azure-resource": true
- },
- "Kind": {
- "type": "object",
- "description": "Describes an Azure resource with kind",
- "properties": {
- "kind": {
- "type": "string",
- "description": "Kind of the resource"
- }
- }
- },
- "SecurityContactList": {
- "type": "object",
- "description": "List of security contacts response",
- "properties": {
- "value": {
- "readOnly": true,
- "description": "List of security contacts",
- "type": "array",
- "items": {
- "$ref": "#/definitions/SecurityContact"
- }
- },
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "SecurityContact": {
- "type": "object",
- "description": "Contact details for security issues",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Security contact data",
- "$ref": "#/definitions/SecurityContactProperties"
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
- },
- "SecurityContactProperties": {
- "type": "object",
- "description": "describes security contact properties",
- "properties": {
- "email": {
- "type": "string",
- "format": "email",
- "description": "The email of this security contact"
- },
- "phone": {
- "type": "string",
- "description": "The phone number of this security contact"
- },
- "alertNotifications": {
- "type": "string",
- "enum": ["On", "Off"],
- "x-ms-enum": {
- "name": "alertNotifications",
- "modelAsString": true,
- "values": [
- {
- "value": "On",
- "description": "Get notifications on new alerts"
- },
- {
- "value": "Off",
- "description": "Don't get notifications on new alerts"
- }
- ]
- },
- "description": "Whether to send security alerts notifications to the security contact"
- },
- "alertsToAdmins": {
- "type": "string",
- "enum": ["On", "Off"],
- "x-ms-enum": {
- "name": "alertsToAdmins",
- "modelAsString": true,
- "values": [
- {
- "value": "On",
- "description": "Send notification on new alerts to the subscription's admins"
- },
- {
- "value": "Off",
- "description": "Don't send notification on new alerts to the subscription's admins"
- }
- ]
- },
- "description": "Whether to send security alerts notifications to subscription admins"
- }
- },
- "required": ["email", "alertNotifications", "alertsToAdmins"]
- },
- "PricingList": {
- "description": "List of pricing configurations response",
- "required": ["value"],
- "properties": {
- "value": {
- "type": "array",
- "description": "List of pricing configurations",
- "items": {
- "$ref": "#/definitions/Pricing"
- }
- },
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "Pricing": {
- "type": "object",
- "description": "Pricing tier will be applied for the scope based on the resource ID",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Pricing data",
- "$ref": "#/definitions/PricingProperties"
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
- },
- "PricingProperties": {
- "type": "object",
- "description": "Pricing data",
- "properties": {
- "pricingTier": {
- "type": "string",
- "description": "Pricing tier type",
- "enum": ["Free", "Standard"],
- "x-ms-enum": {
- "name": "pricingTier",
- "modelAsString": true,
- "values": [
- {
- "value": "Free",
- "description": "Get free Azure security center experience with basic security features"
- },
- {
- "value": "Standard",
- "description": "Get the standard Azure security center experience with advanced security features"
- }
- ]
- }
- }
- },
- "required": ["pricingTier"]
- },
- "WorkspaceSettingList": {
- "description": "List of workspace settings response",
- "required": ["value"],
- "properties": {
- "value": {
- "type": "array",
- "description": "List of workspace settings",
- "items": {
- "$ref": "#/definitions/WorkspaceSetting"
- }
- },
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "WorkspaceSetting": {
- "type": "object",
- "description": "Configures where to store the OMS agent data for workspaces under a scope",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Workspace setting data",
- "$ref": "#/definitions/WorkspaceSettingProperties"
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
- },
- "WorkspaceSettingProperties": {
- "type": "object",
- "description": "Workspace setting data",
- "properties": {
- "workspaceId": {
- "type": "string",
- "description": "The full Azure ID of the workspace to save the data in"
- },
- "scope": {
- "type": "string",
- "description": "All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope"
- }
- },
- "required": ["workspaceId", "scope"]
- },
- "AutoProvisioningSettingList": {
- "type": "object",
- "description": "List of all the auto provisioning settings response",
- "properties": {
- "value": {
- "description": "List of all the auto provisioning settings",
- "type": "array",
- "items": {
- "$ref": "#/definitions/AutoProvisioningSetting"
- }
- },
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "AutoProvisioningSetting": {
- "type": "object",
- "description": "Auto provisioning setting",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Auto provisioning setting data",
- "$ref": "#/definitions/AutoProvisioningSettingProperties"
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
- },
- "AutoProvisioningSettingProperties": {
- "type": "object",
- "description": "describes properties of an auto provisioning setting",
- "properties": {
- "autoProvision": {
- "type": "string",
- "description": "Describes what kind of security agent provisioning action to take",
- "enum": ["On", "Off"],
- "x-ms-enum": {
- "name": "autoProvision",
- "modelAsString": true,
- "values": [
- {
- "value": "On",
- "description": "Install missing security agent on VMs automatically"
- },
- {
- "value": "Off",
- "description": "Do not install security agent on the VMs automatically"
- }
- ]
- }
- }
- },
- "required": ["autoProvision"]
- },
- "AdvancedThreatProtectionProperties": {
- "properties": {
- "isEnabled": {
- "type": "boolean",
- "description": "Indicates whether Advanced Threat Protection is enabled."
- }
- },
- "description": "The Advanced Threat Protection settings."
- },
- "AdvancedThreatProtectionSetting": {
- "type": "object",
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
+ "pricingTier"
],
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "$ref": "#/definitions/AdvancedThreatProtectionProperties"
- }
- },
- "description": "The Advanced Threat Protection resource."
- },
- "SettingsList": {
- "type": "object",
- "description": "Subscription settings list.",
- "properties": {
- "value": {
- "type": "array",
- "description": "The settings list.",
- "items": {
- "$ref": "#/definitions/Setting"
- }
- },
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "Setting": {
- "type": "object",
- "description": "Represents a security setting in Azure Security Center.",
- "discriminator": "kind",
- "properties": {},
- "allOf": [
- {
- "$ref": "#/definitions/SettingResource"
- }
- ]
- },
- "SettingResource": {
- "type": "object",
- "description": "The kind of the security setting",
- "properties": {
- "kind": {
- "type": "string",
- "description": "the kind of the settings string (DataExportSetting)",
- "enum": ["DataExportSetting", "AlertSuppressionSetting"],
- "x-ms-enum": {
- "name": "SettingKind",
- "modelAsString": true,
- "values": [
- {
- "value": "DataExportSetting"
- },
- {
- "value": "AlertSuppressionSetting"
- }
- ]
- }
- }
- },
- "required": ["kind"],
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
- },
- "DataExportSettingProperties": {
- "type": "object",
- "description": "The data export setting properties",
- "properties": {
- "enabled": {
- "type": "boolean",
- "description": "Is the data export setting is enabled"
- }
- },
- "required": ["enabled"]
- },
- "InformationProtectionPolicyList": {
- "type": "object",
- "readOnly": true,
- "description": "Information protection policies response.",
- "properties": {
- "value": {
- "type": "array",
- "description": "List of information protection policies.",
- "items": {
- "$ref": "#/definitions/InformationProtectionPolicy"
- }
- },
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "InformationProtectionPolicy": {
- "type": "object",
- "description": "Information protection policy.",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Information protection policy data",
- "$ref": "#/definitions/InformationProtectionPolicyProperties"
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/Resource"
- }
- ]
- },
- "InformationProtectionPolicyProperties": {
- "type": "object",
- "description": "describes properties of an information protection policy.",
- "properties": {
- "lastModifiedUtc": {
- "type": "string",
- "format": "date-time",
- "readOnly": true,
- "description": "Describes the last UTC time the policy was modified."
- },
- "labels": {
- "type": "object",
- "description": "Dictionary of sensitivity labels.",
- "additionalProperties": {
- "$ref": "#/definitions/SensitivityLabel"
- }
- },
- "informationTypes": {
- "type": "object",
- "description": "The sensitivity information types.",
- "additionalProperties": {
- "$ref": "#/definitions/InformationType"
- }
- }
- }
- },
- "SensitivityLabel": {
- "type": "object",
- "description": "The sensitivity label.",
- "properties": {
- "displayName": {
- "type": "string",
- "description": "The name of the sensitivity label."
- },
- "order": {
- "type": "number",
- "description": "The order of the sensitivity label."
- },
- "enabled": {
- "type": "boolean",
- "description": "Indicates whether the label is enabled or not."
- }
- }
- },
- "InformationType": {
- "type": "object",
- "description": "The information type.",
- "properties": {
- "displayName": {
- "type": "string",
- "description": "The name of the information type."
- },
- "order": {
- "type": "number",
- "description": "The order of the information type."
- },
- "recommendedLabelId": {
- "type": "string",
- "format": "uuid",
- "description": "The recommended label id to be associated with this information type."
- },
- "enabled": {
- "type": "boolean",
- "description": "Indicates whether the information type is enabled or not."
- },
- "custom": {
- "type": "boolean",
- "description": "Indicates whether the information type is custom or not."
- },
- "keywords": {
- "type": "array",
- "description": "The information type keywords.",
- "items": {
- "$ref": "#/definitions/InformationProtectionKeyword"
- }
- }
- }
- },
- "InformationProtectionKeyword": {
- "type": "object",
- "description": "The information type keyword.",
- "properties": {
- "pattern": {
- "type": "string",
- "description": "The keyword pattern."
- },
- "custom": {
- "type": "boolean",
- "description": "Indicates whether the keyword is custom or not."
- },
- "canBeNumeric": {
- "type": "boolean",
- "description": "Indicates whether the keyword can be applied on numeric types or not."
- },
- "excluded": {
- "type": "boolean",
- "description": "Indicates whether the keyword is excluded or not."
- }
- }
+ "description": "Pricing properties for the relevant scope"
}
}
}
diff --git a/schemas/2019-01-01-preview/Microsoft.Security.json b/schemas/2019-01-01-preview/Microsoft.Security.json
new file mode 100644
index 0000000000..56957aaf68
--- /dev/null
+++ b/schemas/2019-01-01-preview/Microsoft.Security.json
@@ -0,0 +1,898 @@
+{
+ "id": "https://schema.management.azure.com/schemas/2019-01-01-preview/Microsoft.Security.json#",
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "title": "Microsoft.Security",
+ "description": "Microsoft Security Resource Types",
+ "resourceDefinitions": {
+ "automations": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-01-01-preview"
+ ]
+ },
+ "etag": {
+ "type": "string",
+ "description": "Entity tag is used for comparing two or more entities from the same requested resource."
+ },
+ "kind": {
+ "type": "string",
+ "description": "Kind of the resource"
+ },
+ "location": {
+ "type": "string",
+ "description": "Location where the resource is stored"
+ },
+ "name": {
+ "type": "string",
+ "description": "The security automation name."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AutomationProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A set of properties that defines the behavior of the automation configuration. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas."
+ },
+ "tags": {
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ },
+ "properties": {}
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A list of key value pairs that describe the resource."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/automations"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/automations"
+ }
+ },
+ "subscription_resourceDefinitions": {
+ "alertsSuppressionRules": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-01-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "The unique name of the suppression alert rule"
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AlertsSuppressionRuleProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "describes AlertsSuppressionRule properties"
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/alertsSuppressionRules"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/alertsSuppressionRules"
+ },
+ "assessmentMetadata": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-01-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "The Assessment Key - Unique key for the assessment type"
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Describes properties of an assessment metadata."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/assessmentMetadata"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/assessmentMetadata"
+ }
+ },
+ "unknown_resourceDefinitions": {
+ "assessments": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-01-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "The Assessment Key - Unique key for the assessment type"
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Describes properties of an assessment."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/assessments"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/assessments"
+ }
+ },
+ "definitions": {
+ "AlertsSuppressionRuleProperties": {
+ "type": "object",
+ "properties": {
+ "alertType": {
+ "type": "string",
+ "description": "Type of the alert to automatically suppress. For all alert types, use '*'"
+ },
+ "comment": {
+ "type": "string",
+ "description": "Any comment regarding the rule"
+ },
+ "expirationDateUtc": {
+ "type": "string",
+ "format": "date-time",
+ "description": "Expiration date of the rule, if value is not provided or provided as null this field will default to the maximum allowed expiration date."
+ },
+ "reason": {
+ "type": "string",
+ "description": "The reason for dismissing the alert"
+ },
+ "state": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Enabled",
+ "Disabled",
+ "Expired"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Possible states of the rule."
+ },
+ "suppressionAlertsScope": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/SuppressionAlertsScope"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "required": [
+ "alertType",
+ "reason",
+ "state"
+ ],
+ "description": "describes AlertsSuppressionRule properties"
+ },
+ "AssessmentLinks": {
+ "type": "object",
+ "properties": {},
+ "description": "Links relevant to the assessment"
+ },
+ "AssessmentStatus": {
+ "type": "object",
+ "properties": {
+ "cause": {
+ "type": "string",
+ "description": "Programmatic code for the cause of the assessment status"
+ },
+ "code": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Healthy",
+ "Unhealthy",
+ "NotApplicable"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Programmatic code for the status of the assessment."
+ },
+ "description": {
+ "type": "string",
+ "description": "Human readable description of the assessment status"
+ }
+ },
+ "required": [
+ "code"
+ ],
+ "description": "The result of the assessment"
+ },
+ "AutomationAction": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AutomationActionLogicApp"
+ },
+ {
+ "$ref": "#/definitions/AutomationActionEventHub"
+ },
+ {
+ "$ref": "#/definitions/AutomationActionWorkspace"
+ }
+ ],
+ "properties": {},
+ "description": "The action that should be triggered."
+ },
+ "AutomationActionEventHub": {
+ "type": "object",
+ "properties": {
+ "actionType": {
+ "type": "string",
+ "enum": [
+ "EventHub"
+ ]
+ },
+ "connectionString": {
+ "type": "string",
+ "description": "The target Event Hub connection string (it will not be included in any response)."
+ },
+ "eventHubResourceId": {
+ "type": "string",
+ "description": "The target Event Hub Azure Resource ID."
+ }
+ },
+ "required": [
+ "actionType"
+ ],
+ "description": "The target Event Hub to which event data will be exported. To learn more about Security Center continuous export capabilities, visit https://aka.ms/ASCExportLearnMore"
+ },
+ "AutomationActionLogicApp": {
+ "type": "object",
+ "properties": {
+ "actionType": {
+ "type": "string",
+ "enum": [
+ "LogicApp"
+ ]
+ },
+ "logicAppResourceId": {
+ "type": "string",
+ "description": "The triggered Logic App Azure Resource ID. This can also reside on other subscriptions, given that you have permissions to trigger the Logic App"
+ },
+ "uri": {
+ "type": "string",
+ "format": "uri",
+ "description": "The Logic App trigger URI endpoint (it will not be included in any response)."
+ }
+ },
+ "required": [
+ "actionType"
+ ],
+ "description": "The logic app action that should be triggered. To learn more about Security Center's Workflow Automation capabilities, visit https://aka.ms/ASCWorkflowAutomationLearnMore"
+ },
+ "AutomationActionWorkspace": {
+ "type": "object",
+ "properties": {
+ "actionType": {
+ "type": "string",
+ "enum": [
+ "Workspace"
+ ]
+ },
+ "workspaceResourceId": {
+ "type": "string",
+ "description": "The fully qualified Log Analytics Workspace Azure Resource ID."
+ }
+ },
+ "required": [
+ "actionType"
+ ],
+ "description": "The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the 'SecurityAlert' table and the assessments data will reside in the 'SecurityRecommendation' table (under the 'Security'/'SecurityCenterFree' solutions). Note that in order to view the data in the workspace, the Security Center Log Analytics free/standard solution needs to be enabled on that workspace. To learn more about Security Center continuous export capabilities, visit https://aka.ms/ASCExportLearnMore"
+ },
+ "AutomationProperties": {
+ "type": "object",
+ "properties": {
+ "actions": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/AutomationAction"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A collection of the actions which are triggered if all the configured rules evaluations, within at least one rule set, are true."
+ },
+ "description": {
+ "type": "string",
+ "description": "The security automation description."
+ },
+ "isEnabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Indicates whether the security automation is enabled."
+ },
+ "scopes": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/AutomationScope"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A collection of scopes on which the security automations logic is applied. Supported scopes are the subscription itself or a resource group under that subscription. The automation will only apply on defined scopes."
+ },
+ "sources": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/AutomationSource"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A collection of the source event types which evaluate the security automation set of rules."
+ }
+ },
+ "description": "A set of properties that defines the behavior of the automation configuration. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas."
+ },
+ "AutomationRuleSet": {
+ "type": "object",
+ "properties": {
+ "rules": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/AutomationTriggeringRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "description": "A rule set which evaluates all its rules upon an event interception. Only when all the included rules in the rule set will be evaluated as 'true', will the event trigger the defined actions."
+ },
+ "AutomationScope": {
+ "type": "object",
+ "properties": {
+ "description": {
+ "type": "string",
+ "description": "The resources scope description."
+ },
+ "scopePath": {
+ "type": "string",
+ "description": "The resources scope path. Can be the subscription on which the automation is defined on or a resource group under that subscription (fully qualified Azure resource IDs)."
+ }
+ },
+ "description": "A single automation scope."
+ },
+ "AutomationSource": {
+ "type": "object",
+ "properties": {
+ "eventSource": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Assessments",
+ "SubAssessments",
+ "Alerts",
+ "SecureScores",
+ "SecureScoreControls"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A valid event source type."
+ },
+ "ruleSets": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/AutomationRuleSet"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A set of rules which evaluate upon event interception. A logical disjunction is applied between defined rule sets (logical 'or')."
+ }
+ },
+ "description": "The source event types which evaluate the security automation set of rules. For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas."
+ },
+ "AutomationTriggeringRule": {
+ "type": "object",
+ "properties": {
+ "expectedValue": {
+ "type": "string",
+ "description": "The expected value."
+ },
+ "operator": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Equals",
+ "GreaterThan",
+ "GreaterThanOrEqualTo",
+ "LesserThan",
+ "LesserThanOrEqualTo",
+ "NotEquals",
+ "Contains",
+ "StartsWith",
+ "EndsWith"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A valid comparer operator to use. A case-insensitive comparison will be applied for String PropertyType."
+ },
+ "propertyJPath": {
+ "type": "string",
+ "description": "The JPath of the entity model property that should be checked."
+ },
+ "propertyType": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "String",
+ "Integer",
+ "Number",
+ "Boolean"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The data type of the compared operands (string, integer, floating point number or a boolean [true/false]]."
+ }
+ },
+ "description": "A rule which is evaluated upon event interception. The rule is configured by comparing a specific value from the event model to an expected value. This comparison is done by using one of the supported operators set."
+ },
+ "AzureResourceDetails": {
+ "type": "object",
+ "properties": {
+ "source": {
+ "type": "string",
+ "enum": [
+ "Azure"
+ ]
+ }
+ },
+ "required": [
+ "source"
+ ],
+ "description": "Details of the Azure resource that was assessed"
+ },
+ "OnPremiseResourceDetails": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/OnPremiseSqlResourceDetails"
+ }
+ ],
+ "properties": {
+ "machineName": {
+ "type": "string",
+ "description": "The name of the machine"
+ },
+ "source": {
+ "type": "string",
+ "enum": [
+ "OnPremise"
+ ]
+ },
+ "sourceComputerId": {
+ "type": "string",
+ "description": "The oms agent Id installed on the machine"
+ },
+ "vmuuid": {
+ "type": "string",
+ "description": "The unique Id of the machine"
+ },
+ "workspaceId": {
+ "type": "string",
+ "description": "Azure resource Id of the workspace the machine is attached to"
+ }
+ },
+ "required": [
+ "machineName",
+ "source",
+ "sourceComputerId",
+ "vmuuid",
+ "workspaceId"
+ ],
+ "description": "Details of the On Premise resource that was assessed"
+ },
+ "OnPremiseSqlResourceDetails": {
+ "type": "object",
+ "properties": {
+ "databaseName": {
+ "type": "string",
+ "description": "The Sql database name installed on the machine"
+ },
+ "serverName": {
+ "type": "string",
+ "description": "The Sql server name installed on the machine"
+ },
+ "source": {
+ "type": "string",
+ "enum": [
+ "OnPremiseSql"
+ ]
+ }
+ },
+ "required": [
+ "databaseName",
+ "serverName",
+ "source"
+ ],
+ "description": "Details of the On Premise Sql resource that was assessed"
+ },
+ "ResourceDetails": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AzureResourceDetails"
+ },
+ {
+ "$ref": "#/definitions/OnPremiseResourceDetails"
+ }
+ ],
+ "properties": {},
+ "description": "Details of the resource that was assessed"
+ },
+ "ScopeElement": {
+ "type": "object",
+ "properties": {
+ "additionalProperties": {
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": {
+ "type": "object",
+ "properties": {}
+ },
+ "properties": {}
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Unmatched properties from the message are deserialized this collection"
+ },
+ "field": {
+ "type": "string",
+ "description": "The alert entity type to suppress by."
+ }
+ },
+ "description": "A more specific scope used to identify the alerts to suppress."
+ },
+ "SecurityAssessmentMetadataProperties": {
+ "type": "object",
+ "properties": {
+ "assessmentType": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "BuiltIn",
+ "CustomPolicy",
+ "CustomerManaged"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition."
+ },
+ "category": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "enum": [
+ "Compute",
+ "Networking",
+ "Data",
+ "IdentityAndAccess",
+ "IoT"
+ ]
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "description": {
+ "type": "string",
+ "description": "Human readable description of the assessment"
+ },
+ "displayName": {
+ "type": "string",
+ "description": "User friendly display name of the assessment"
+ },
+ "implementationEffort": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Low",
+ "Moderate",
+ "High"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The implementation effort required to remediate this assessment."
+ },
+ "preview": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "True if this assessment is in preview release status"
+ },
+ "remediationDescription": {
+ "type": "string",
+ "description": "Human readable description of what you should do to mitigate this security issue"
+ },
+ "severity": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Low",
+ "Medium",
+ "High"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The severity level of the assessment."
+ },
+ "threats": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "enum": [
+ "accountBreach",
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider",
+ "elevationOfPrivilege",
+ "threatResistance",
+ "missingCoverage",
+ "denialOfService"
+ ]
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "userImpact": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Low",
+ "Moderate",
+ "High"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The user impact of the assessment."
+ }
+ },
+ "required": [
+ "assessmentType",
+ "displayName",
+ "severity"
+ ],
+ "description": "Describes properties of an assessment metadata."
+ },
+ "SecurityAssessmentProperties": {
+ "type": "object",
+ "properties": {
+ "additionalData": {
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ },
+ "properties": {}
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Additional data regarding the assessment"
+ },
+ "links": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AssessmentLinks"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Links relevant to the assessment"
+ },
+ "resourceDetails": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ResourceDetails"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Details of the resource that was assessed"
+ },
+ "status": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AssessmentStatus"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The result of the assessment"
+ }
+ },
+ "required": [
+ "resourceDetails",
+ "status"
+ ],
+ "description": "Describes properties of an assessment."
+ },
+ "SuppressionAlertsScope": {
+ "type": "object",
+ "properties": {
+ "allOf": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ScopeElement"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "All the conditions inside need to be true in order to suppress the alert"
+ }
+ },
+ "required": [
+ "allOf"
+ ]
+ }
+ }
+}
diff --git a/schemas/2019-01-01/Microsoft.Security.json b/schemas/2019-01-01/Microsoft.Security.json
new file mode 100644
index 0000000000..354a3291ab
--- /dev/null
+++ b/schemas/2019-01-01/Microsoft.Security.json
@@ -0,0 +1,158 @@
+{
+ "id": "https://schema.management.azure.com/schemas/2019-01-01/Microsoft.Security.json#",
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "title": "Microsoft.Security",
+ "description": "Microsoft Security Resource Types",
+ "resourceDefinitions": {},
+ "subscription_resourceDefinitions": {
+ "settings": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/DataExportSettings"
+ }
+ ],
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-01-01"
+ ]
+ },
+ "name": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "MCAS",
+ "WDATP"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Name of setting: (MCAS/WDATP)."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/settings"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "type"
+ ],
+ "description": "Microsoft.Security/settings"
+ }
+ },
+ "unknown_resourceDefinitions": {
+ "advancedThreatProtectionSettings": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-01-01"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "Advanced Threat Protection setting name."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AdvancedThreatProtectionProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The Advanced Threat Protection settings."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/advancedThreatProtectionSettings"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/advancedThreatProtectionSettings"
+ }
+ },
+ "definitions": {
+ "AdvancedThreatProtectionProperties": {
+ "type": "object",
+ "properties": {
+ "isEnabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Indicates whether Advanced Threat Protection is enabled."
+ }
+ },
+ "description": "The Advanced Threat Protection settings."
+ },
+ "DataExportSettingProperties": {
+ "type": "object",
+ "properties": {
+ "enabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Is the data export setting is enabled"
+ }
+ },
+ "required": [
+ "enabled"
+ ],
+ "description": "The data export setting properties"
+ },
+ "DataExportSettings": {
+ "type": "object",
+ "properties": {
+ "kind": {
+ "type": "string",
+ "enum": [
+ "DataExportSettings"
+ ]
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/DataExportSettingProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The data export setting properties"
+ }
+ },
+ "required": [
+ "kind"
+ ],
+ "description": "Represents a data export setting"
+ }
+ }
+}
diff --git a/schemas/2019-04-01/deploymentTemplate.json b/schemas/2019-04-01/deploymentTemplate.json
index 3e7359c0a8..0b2bd71763 100644
--- a/schemas/2019-04-01/deploymentTemplate.json
+++ b/schemas/2019-04-01/deploymentTemplate.json
@@ -150,6 +150,13 @@
{ "$ref": "https://schema.management.azure.com/schemas/2020-06-14/Microsoft.Kusto.json#/resourceDefinitions/clusters_dataconnections" },
{ "$ref": "https://schema.management.azure.com/schemas/2020-06-14/Microsoft.Kusto.json#/resourceDefinitions/clusters_principalassignments" },
{ "$ref": "https://schema.management.azure.com/schemas/2020-06-14/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases_principalassignments" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases_dataconnections" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_attacheddatabaseconfigurations" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_dataconnections" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_principalassignments" },
+ { "$ref": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#/resourceDefinitions/clusters_databases_principalassignments" },
{ "$ref": "https://schema.management.azure.com/schemas/2014-04-01/Microsoft.Insights.json#/resourceDefinitions/alertrules" },
{ "$ref": "https://schema.management.azure.com/schemas/2014-04-01/Microsoft.Insights.json#/resourceDefinitions/components" },
{ "$ref": "https://schema.management.azure.com/schemas/2019-11-01-preview/Microsoft.Insights.json#/resourceDefinitions/dataCollectionRules" },
diff --git a/schemas/2019-08-01/Microsoft.Security.json b/schemas/2019-08-01/Microsoft.Security.json
new file mode 100644
index 0000000000..32830d717d
--- /dev/null
+++ b/schemas/2019-08-01/Microsoft.Security.json
@@ -0,0 +1,860 @@
+{
+ "id": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Security.json#",
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "title": "Microsoft.Security",
+ "description": "Microsoft Security Resource Types",
+ "resourceDefinitions": {
+ "iotSecuritySolutions": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-08-01"
+ ]
+ },
+ "location": {
+ "type": "string",
+ "description": "The resource location."
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of the IoT Security solution."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/IoTSecuritySolutionProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Security Solution setting data"
+ },
+ "tags": {
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ },
+ "properties": {}
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Resource tags"
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/iotSecuritySolutions"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/iotSecuritySolutions"
+ }
+ },
+ "unknown_resourceDefinitions": {
+ "deviceSecurityGroups": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-08-01"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of the device security group. Note that the name of the device security group is case insensitive."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/DeviceSecurityGroupProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "describes properties of a security group."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/deviceSecurityGroups"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/deviceSecurityGroups"
+ }
+ },
+ "definitions": {
+ "ActiveConnectionsNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "ActiveConnectionsNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of active connections is not in allowed range."
+ },
+ "AllowlistCustomAlertRule": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ConnectionToIpNotAllowed"
+ },
+ {
+ "$ref": "#/definitions/LocalUserNotAllowed"
+ },
+ {
+ "$ref": "#/definitions/ProcessNotAllowed"
+ }
+ ],
+ "properties": {
+ "allowlistValues": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The values to allow. The format of the values depends on the rule type."
+ },
+ "isEnabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Status of the custom alert."
+ }
+ },
+ "required": [
+ "allowlistValues",
+ "isEnabled"
+ ],
+ "description": "A custom alert rule that checks if a value (depends on the custom alert type) is allowed."
+ },
+ "AmqpC2DMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "AmqpC2DMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of cloud to device messages (AMQP protocol) is not in allowed range."
+ },
+ "AmqpC2DRejectedMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "AmqpC2DRejectedMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range."
+ },
+ "AmqpD2CMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "AmqpD2CMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of device to cloud messages (AMQP protocol) is not in allowed range."
+ },
+ "ConnectionToIpNotAllowed": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "ConnectionToIpNotAllowed"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Outbound connection to an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation."
+ },
+ "DenylistCustomAlertRule": {
+ "type": "object",
+ "properties": {
+ "denylistValues": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The values to deny. The format of the values depends on the rule type."
+ },
+ "isEnabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Status of the custom alert."
+ }
+ },
+ "required": [
+ "denylistValues",
+ "isEnabled"
+ ],
+ "description": "A custom alert rule that checks if a value (depends on the custom alert type) is denied."
+ },
+ "DeviceSecurityGroupProperties": {
+ "type": "object",
+ "properties": {
+ "allowlistRules": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/AllowlistCustomAlertRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The allow-list custom alert rules."
+ },
+ "denylistRules": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/DenylistCustomAlertRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The deny-list custom alert rules."
+ },
+ "thresholdRules": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ThresholdCustomAlertRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The list of custom alert threshold rules."
+ },
+ "timeWindowRules": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/TimeWindowCustomAlertRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The list of custom alert time-window rules."
+ }
+ },
+ "description": "describes properties of a security group."
+ },
+ "DirectMethodInvokesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "DirectMethodInvokesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of direct method invokes is not in allowed range."
+ },
+ "FailedLocalLoginsNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "FailedLocalLoginsNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of failed local logins is not in allowed range."
+ },
+ "FileUploadsNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "FileUploadsNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of file uploads is not in allowed range."
+ },
+ "HttpC2DMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "HttpC2DMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of cloud to device messages (HTTP protocol) is not in allowed range."
+ },
+ "HttpC2DRejectedMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "HttpC2DRejectedMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range."
+ },
+ "HttpD2CMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "HttpD2CMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of device to cloud messages (HTTP protocol) is not in allowed range."
+ },
+ "IoTSecuritySolutionProperties": {
+ "type": "object",
+ "properties": {
+ "disabledDataSources": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "enum": [
+ "TwinData"
+ ]
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Disabled data sources. Disabling these data sources compromises the system."
+ },
+ "displayName": {
+ "type": "string",
+ "description": "Resource display name."
+ },
+ "export": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "enum": [
+ "RawEvents"
+ ]
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "List of additional options for exporting to workspace data."
+ },
+ "iotHubs": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "IoT Hub resource IDs"
+ },
+ "recommendationsConfiguration": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/RecommendationConfigurationProperties"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "List of the configuration status for each recommendation type."
+ },
+ "status": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Enabled",
+ "Disabled"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Status of the IoT Security solution."
+ },
+ "unmaskedIpLoggingStatus": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Disabled",
+ "Enabled"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Unmasked IP address logging status."
+ },
+ "userDefinedResources": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/UserDefinedResourcesProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Properties of the IoT Security solution's user defined resources."
+ },
+ "workspace": {
+ "type": "string",
+ "description": "Workspace resource ID"
+ }
+ },
+ "required": [
+ "displayName",
+ "iotHubs"
+ ],
+ "description": "Security Solution setting data"
+ },
+ "LocalUserNotAllowed": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "LocalUserNotAllowed"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Login by a local user that isn't allowed. Allow list consists of login names to allow."
+ },
+ "MqttC2DMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "MqttC2DMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of cloud to device messages (MQTT protocol) is not in allowed range."
+ },
+ "MqttC2DRejectedMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "MqttC2DRejectedMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range."
+ },
+ "MqttD2CMessagesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "MqttD2CMessagesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of device to cloud messages (MQTT protocol) is not in allowed range."
+ },
+ "ProcessNotAllowed": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "ProcessNotAllowed"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Execution of a process that isn't allowed. Allow list consists of process names to allow."
+ },
+ "QueuePurgesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "QueuePurgesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of device queue purges is not in allowed range."
+ },
+ "RecommendationConfigurationProperties": {
+ "type": "object",
+ "properties": {
+ "recommendationType": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "IoT_ACRAuthentication",
+ "IoT_AgentSendsUnutilizedMessages",
+ "IoT_Baseline",
+ "IoT_EdgeHubMemOptimize",
+ "IoT_EdgeLoggingOptions",
+ "IoT_InconsistentModuleSettings",
+ "IoT_InstallAgent",
+ "IoT_IPFilter_DenyAll",
+ "IoT_IPFilter_PermissiveRule",
+ "IoT_OpenPorts",
+ "IoT_PermissiveFirewallPolicy",
+ "IoT_PermissiveInputFirewallRules",
+ "IoT_PermissiveOutputFirewallRules",
+ "IoT_PrivilegedDockerOptions",
+ "IoT_SharedCredentials",
+ "IoT_VulnerableTLSCipherSuite"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The type of IoT Security recommendation."
+ },
+ "status": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Disabled",
+ "Enabled"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Recommendation status. When the recommendation status is disabled recommendations are not generated."
+ }
+ },
+ "required": [
+ "recommendationType",
+ "status"
+ ],
+ "description": "The type of IoT Security recommendation."
+ },
+ "ThresholdCustomAlertRule": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/TimeWindowCustomAlertRule"
+ }
+ ],
+ "properties": {
+ "isEnabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Status of the custom alert."
+ },
+ "maxThreshold": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The maximum threshold."
+ },
+ "minThreshold": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The minimum threshold."
+ }
+ },
+ "required": [
+ "isEnabled",
+ "maxThreshold",
+ "minThreshold"
+ ],
+ "description": "A custom alert rule that checks if a value (depends on the custom alert type) is within the given range."
+ },
+ "TimeWindowCustomAlertRule": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ActiveConnectionsNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/AmqpC2DMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/MqttC2DMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/HttpC2DMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/AmqpC2DRejectedMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/MqttC2DRejectedMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/HttpC2DRejectedMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/AmqpD2CMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/MqttD2CMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/HttpD2CMessagesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/DirectMethodInvokesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/FailedLocalLoginsNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/FileUploadsNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/QueuePurgesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/TwinUpdatesNotInAllowedRange"
+ },
+ {
+ "$ref": "#/definitions/UnauthorizedOperationsNotInAllowedRange"
+ }
+ ],
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "TimeWindowCustomAlertRule"
+ ]
+ },
+ "timeWindowSize": {
+ "type": "string",
+ "format": "duration",
+ "description": "The time window size in iso8601 format."
+ }
+ },
+ "required": [
+ "ruleType",
+ "timeWindowSize"
+ ],
+ "description": "A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range."
+ },
+ "TwinUpdatesNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "TwinUpdatesNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of twin updates is not in allowed range."
+ },
+ "UnauthorizedOperationsNotInAllowedRange": {
+ "type": "object",
+ "properties": {
+ "ruleType": {
+ "type": "string",
+ "enum": [
+ "UnauthorizedOperationsNotInAllowedRange"
+ ]
+ }
+ },
+ "required": [
+ "ruleType"
+ ],
+ "description": "Number of unauthorized operations is not in allowed range."
+ },
+ "UserDefinedResourcesProperties": {
+ "type": "object",
+ "properties": {
+ "query": {
+ "type": "string",
+ "description": "Azure Resource Graph query which represents the security solution's user defined resources. Required to start with \"where type != \"Microsoft.Devices/IotHubs\"\""
+ },
+ "querySubscriptions": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "List of Azure subscription ids on which the user defined resources query should be executed."
+ }
+ },
+ "required": [
+ "query",
+ "querySubscriptions"
+ ],
+ "description": "Properties of the IoT Security solution's user defined resources."
+ }
+ }
+}
diff --git a/schemas/2019-10-01-preview/Microsoft.Migrate.json b/schemas/2019-10-01-preview/Microsoft.Migrate.json
new file mode 100644
index 0000000000..4a1e94fd5e
--- /dev/null
+++ b/schemas/2019-10-01-preview/Microsoft.Migrate.json
@@ -0,0 +1,939 @@
+{
+ "id": "https://schema.management.azure.com/schemas/2019-10-01-preview/Microsoft.Migrate.json#",
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "title": "Microsoft.Migrate",
+ "description": "Microsoft Migrate Resource Types",
+ "resourceDefinitions": {
+ "moveCollections": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-10-01-preview"
+ ]
+ },
+ "identity": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/Identity"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Defines the MSI properties of the Move Collection."
+ },
+ "location": {
+ "type": "string",
+ "description": "The geo-location where the resource lives."
+ },
+ "name": {
+ "type": "string",
+ "description": "The Move Collection Name."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/MoveCollectionProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Defines the move collection properties."
+ },
+ "resources": {
+ "type": "array",
+ "items": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/moveCollections_moveResources_childResource"
+ }
+ ]
+ }
+ },
+ "tags": {
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ },
+ "properties": {}
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Resource tags."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Migrate/moveCollections"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Migrate/moveCollections"
+ },
+ "moveCollections_moveResources": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-10-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "The Move Resource Name."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/MoveResourceProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Defines the move resource properties."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Migrate/moveCollections/moveResources"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Migrate/moveCollections/moveResources"
+ }
+ },
+ "definitions": {
+ "AvailabilitySetResourceSettings": {
+ "type": "object",
+ "properties": {
+ "faultDomain": {
+ "oneOf": [
+ {
+ "type": "integer",
+ "minimum": 1
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the target fault domain."
+ },
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Compute/availabilitySets"
+ ]
+ },
+ "updateDomain": {
+ "oneOf": [
+ {
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 20
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the target update domain."
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Gets or sets the availability set resource settings."
+ },
+ "Identity": {
+ "type": "object",
+ "properties": {
+ "principalId": {
+ "type": "string",
+ "description": "Gets or sets the principal id."
+ },
+ "tenantId": {
+ "type": "string",
+ "description": "Gets or sets the tenant id."
+ },
+ "type": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "None",
+ "SystemAssigned",
+ "UserAssigned"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "description": "Defines the MSI properties of the Move Collection."
+ },
+ "LBBackendAddressPoolResourceSettings": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Gets or sets the backend address pool name."
+ }
+ },
+ "description": "Defines load balancer backend address pool properties."
+ },
+ "LBFrontendIPConfigurationResourceSettings": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Gets or sets the frontend IP configuration name."
+ },
+ "privateIpAddress": {
+ "type": "string",
+ "description": "Gets or sets the IP address of the Load Balancer.This is only specified if a specific\r\nprivate IP address shall be allocated from the subnet specified in subnetRef."
+ },
+ "privateIpAllocationMethod": {
+ "type": "string",
+ "description": "Gets or sets PrivateIP allocation method (Static/Dynamic)."
+ },
+ "subnet": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/SubnetReference"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Defines reference to subnet."
+ },
+ "zones": {
+ "type": "string",
+ "description": "Gets or sets the csv list of zones."
+ }
+ },
+ "description": "Defines load balancer frontend IP configuration properties."
+ },
+ "LoadBalancerBackendAddressPoolReference": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Gets the name of the proxy resource on the target side."
+ },
+ "sourceArmResourceId": {
+ "type": "string",
+ "description": "Gets the ARM resource ID of the tracked resource being referenced."
+ }
+ },
+ "required": [
+ "sourceArmResourceId"
+ ],
+ "description": "Defines reference to load balancer backend address pools."
+ },
+ "LoadBalancerResourceSettings": {
+ "type": "object",
+ "properties": {
+ "backendAddressPools": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/LBBackendAddressPoolResourceSettings"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the backend address pools of the load balancer."
+ },
+ "frontendIPConfigurations": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/LBFrontendIPConfigurationResourceSettings"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the frontend IP configurations of the load balancer."
+ },
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Network/loadBalancers"
+ ]
+ },
+ "sku": {
+ "type": "string",
+ "description": "Gets or sets load balancer sku (Basic/Standard)."
+ },
+ "zones": {
+ "type": "string",
+ "description": "Gets or sets the csv list of zones common for all frontend IP configurations. Note this is given\r\n precedence only if frontend IP configurations settings are not present."
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Defines the load balancer resource settings."
+ },
+ "MoveCollectionProperties": {
+ "type": "object",
+ "properties": {
+ "provisioningState": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Succeeded",
+ "Updating",
+ "Creating",
+ "Failed"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "sourceRegion": {
+ "type": "string",
+ "description": "Gets or sets the source region."
+ },
+ "targetRegion": {
+ "type": "string",
+ "description": "Gets or sets the target region."
+ }
+ },
+ "required": [
+ "sourceRegion",
+ "targetRegion"
+ ],
+ "description": "Defines the move collection properties."
+ },
+ "moveCollections_moveResources_childResource": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2019-10-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "The Move Resource Name."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/MoveResourceProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Defines the move resource properties."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "moveResources"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Migrate/moveCollections/moveResources"
+ },
+ "MoveResourceDependencyOverride": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Gets or sets the ARM ID of the dependent resource."
+ },
+ "targetId": {
+ "type": "string",
+ "description": "Gets or sets the resource ARM id of either the MoveResource or the resource ARM ID of\r\nthe dependent resource."
+ }
+ },
+ "description": "Defines the dependency override of the move resource."
+ },
+ "MoveResourceProperties": {
+ "type": "object",
+ "properties": {
+ "dependsOnOverrides": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/MoveResourceDependencyOverride"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the move resource dependencies overrides."
+ },
+ "existingTargetId": {
+ "type": "string",
+ "description": "Gets or sets the existing target ARM Id of the resource."
+ },
+ "provisioningState": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Succeeded",
+ "Updating",
+ "Creating",
+ "Failed"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "resourceSettings": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ResourceSettings"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the resource settings."
+ },
+ "sourceId": {
+ "type": "string",
+ "description": "Gets or sets the Source ARM Id of the resource."
+ }
+ },
+ "required": [
+ "sourceId"
+ ],
+ "description": "Defines the move resource properties."
+ },
+ "NetworkInterfaceResourceSettings": {
+ "type": "object",
+ "properties": {
+ "enableAcceleratedNetworking": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets a value indicating whether accelerated networking is enabled."
+ },
+ "ipConfigurations": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/NicIpConfigurationResourceSettings"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the IP configurations of the NIC."
+ },
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Network/networkInterfaces"
+ ]
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Defines the network interface resource settings."
+ },
+ "NetworkSecurityGroupResourceSettings": {
+ "type": "object",
+ "properties": {
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Network/networkSecurityGroups"
+ ]
+ },
+ "securityRules": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/NsgSecurityRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets Security rules of network security group."
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Defines the NSG resource settings."
+ },
+ "NicIpConfigurationResourceSettings": {
+ "type": "object",
+ "properties": {
+ "loadBalancerBackendAddressPools": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/LoadBalancerBackendAddressPoolReference"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the references of the load balancer backend address pools."
+ },
+ "name": {
+ "type": "string",
+ "description": "Gets or sets the IP configuration name."
+ },
+ "primary": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets a value indicating whether this IP configuration is the primary."
+ },
+ "privateIpAddress": {
+ "type": "string",
+ "description": "Gets or sets the private IP address of the network interface IP Configuration."
+ },
+ "privateIpAllocationMethod": {
+ "type": "string",
+ "description": "Gets or sets the private IP address allocation method."
+ },
+ "subnet": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/SubnetReference"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Defines reference to subnet."
+ }
+ },
+ "description": "Defines NIC IP configuration properties."
+ },
+ "NsgSecurityRule": {
+ "type": "object",
+ "properties": {
+ "access": {
+ "type": "string",
+ "description": "Gets or sets whether network traffic is allowed or denied.\r\nPossible values are “Allow” and “Deny”."
+ },
+ "description": {
+ "type": "string",
+ "description": "Gets or sets a description for this rule. Restricted to 140 chars."
+ },
+ "destinationAddressPrefix": {
+ "type": "string",
+ "description": "Gets or sets destination address prefix. CIDR or source IP range.\r\n A “*” can also be used to match all source IPs. Default tags such\r\nas ‘VirtualNetwork’, ‘AzureLoadBalancer’ and ‘Internet’ can also be used."
+ },
+ "destinationPortRange": {
+ "type": "string",
+ "description": "Gets or sets Destination Port or Range. Integer or range between\r\n0 and 65535. A “*” can also be used to match all ports."
+ },
+ "direction": {
+ "type": "string",
+ "description": "Gets or sets the direction of the rule.InBound or Outbound. The\r\ndirection specifies if rule will be evaluated on incoming or outgoing traffic."
+ },
+ "name": {
+ "type": "string",
+ "description": "Gets or sets the Security rule name."
+ },
+ "priority": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the priority of the rule. The value can be between\r\n100 and 4096. The priority number must be unique for each rule in the collection.\r\nThe lower the priority number, the higher the priority of the rule."
+ },
+ "protocol": {
+ "type": "string",
+ "description": "Gets or sets Network protocol this rule applies to. Can be Tcp, Udp or All(*)."
+ },
+ "sourceAddressPrefix": {
+ "type": "string",
+ "description": "Gets or sets source address prefix. CIDR or source IP range. A\r\n“*” can also be used to match all source IPs. Default tags such as ‘VirtualNetwork’,\r\n‘AzureLoadBalancer’ and ‘Internet’ can also be used. If this is an ingress\r\nrule, specifies where network traffic originates from."
+ },
+ "sourcePortRange": {
+ "type": "string",
+ "description": "Gets or sets Source Port or Range. Integer or range between 0 and\r\n65535. A “*” can also be used to match all ports."
+ }
+ },
+ "description": "Security Rule data model for Network Security Groups."
+ },
+ "PublicIPAddressResourceSettings": {
+ "type": "object",
+ "properties": {
+ "domainNameLabel": {
+ "type": "string",
+ "description": "Gets or sets the domain name label."
+ },
+ "fQDN": {
+ "type": "string",
+ "description": "Gets or sets the fully qualified domain name."
+ },
+ "publicIpAllocationMethod": {
+ "type": "string",
+ "description": "Gets or sets public IP allocation method."
+ },
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Network/publicIPAddresses"
+ ]
+ },
+ "sku": {
+ "type": "string",
+ "description": "Gets or sets public IP sku."
+ },
+ "zones": {
+ "type": "string",
+ "description": "Gets or sets public IP zones."
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Defines the public IP address resource settings."
+ },
+ "ResourceGroupResourceSettings": {
+ "type": "object",
+ "properties": {
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "resourceGroups"
+ ]
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Defines the resource group resource settings."
+ },
+ "ResourceSettings": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/VirtualMachineResourceSettings"
+ },
+ {
+ "$ref": "#/definitions/AvailabilitySetResourceSettings"
+ },
+ {
+ "$ref": "#/definitions/VirtualNetworkResourceSettings"
+ },
+ {
+ "$ref": "#/definitions/NetworkInterfaceResourceSettings"
+ },
+ {
+ "$ref": "#/definitions/NetworkSecurityGroupResourceSettings"
+ },
+ {
+ "$ref": "#/definitions/LoadBalancerResourceSettings"
+ },
+ {
+ "$ref": "#/definitions/SqlServerResourceSettings"
+ },
+ {
+ "$ref": "#/definitions/SqlElasticPoolResourceSettings"
+ },
+ {
+ "$ref": "#/definitions/SqlDatabaseResourceSettings"
+ },
+ {
+ "$ref": "#/definitions/ResourceGroupResourceSettings"
+ },
+ {
+ "$ref": "#/definitions/PublicIPAddressResourceSettings"
+ }
+ ],
+ "properties": {
+ "targetResourceName": {
+ "type": "string",
+ "description": "Gets or sets the target Resource name."
+ }
+ },
+ "required": [
+ "targetResourceName"
+ ],
+ "description": "Gets or sets the resource settings."
+ },
+ "SqlDatabaseResourceSettings": {
+ "type": "object",
+ "properties": {
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Sql/servers/databases"
+ ]
+ },
+ "zoneRedundant": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Enable",
+ "Disable"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Defines the Sql Database resource settings."
+ },
+ "SqlElasticPoolResourceSettings": {
+ "type": "object",
+ "properties": {
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Sql/servers/elasticPools"
+ ]
+ },
+ "zoneRedundant": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Enable",
+ "Disable"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Defines the Sql ElasticPool resource settings."
+ },
+ "SqlServerResourceSettings": {
+ "type": "object",
+ "properties": {
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Sql/servers"
+ ]
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Defines the SQL Server resource settings."
+ },
+ "SubnetReference": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Gets the name of the proxy resource on the target side."
+ },
+ "sourceArmResourceId": {
+ "type": "string",
+ "description": "Gets the ARM resource ID of the tracked resource being referenced."
+ }
+ },
+ "required": [
+ "sourceArmResourceId"
+ ],
+ "description": "Defines reference to subnet."
+ },
+ "SubnetResourceSettings": {
+ "type": "object",
+ "properties": {
+ "addressPrefix": {
+ "type": "string",
+ "description": "Gets or sets address prefix for the subnet."
+ },
+ "name": {
+ "type": "string",
+ "description": "Gets or sets the Subnet name."
+ }
+ },
+ "description": "Defines the virtual network subnets resource settings."
+ },
+ "VirtualMachineResourceSettings": {
+ "type": "object",
+ "properties": {
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Compute/virtualMachines"
+ ]
+ },
+ "targetAvailabilitySetId": {
+ "type": "string",
+ "description": "Gets or sets the target availability set id for virtual machines not in an availability set at source."
+ },
+ "targetAvailabilityZone": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "1",
+ "2",
+ "3",
+ "NA"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the target availability zone."
+ },
+ "targetVmSize": {
+ "type": "string",
+ "description": "Gets or sets the target virtual machine size."
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Gets or sets the virtual machine resource settings."
+ },
+ "VirtualNetworkResourceSettings": {
+ "type": "object",
+ "properties": {
+ "addressSpace": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets the address prefixes for the virtual network."
+ },
+ "dnsServers": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets DHCPOptions that contains an array of DNS servers available to VMs\r\ndeployed in the virtual network."
+ },
+ "enableDdosProtection": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets a value indicating whether gets or sets whether the\r\nDDOS protection should be switched on."
+ },
+ "resourceType": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Network/virtualNetworks"
+ ]
+ },
+ "subnets": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/SubnetResourceSettings"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Gets or sets List of subnets in a VirtualNetwork."
+ }
+ },
+ "required": [
+ "resourceType"
+ ],
+ "description": "Defines the virtual network resource settings."
+ }
+ }
+}
\ No newline at end of file
diff --git a/schemas/2020-01-01-preview/Microsoft.Security.json b/schemas/2020-01-01-preview/Microsoft.Security.json
new file mode 100644
index 0000000000..be2ace4df6
--- /dev/null
+++ b/schemas/2020-01-01-preview/Microsoft.Security.json
@@ -0,0 +1,323 @@
+{
+ "id": "https://schema.management.azure.com/schemas/2020-01-01-preview/Microsoft.Security.json#",
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "title": "Microsoft.Security",
+ "description": "Microsoft Security Resource Types",
+ "resourceDefinitions": {},
+ "subscription_resourceDefinitions": {
+ "connectors": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-01-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of the cloud account connector"
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ConnectorSettingProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Describes properties of a connector setting"
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/connectors"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/connectors"
+ },
+ "securityContacts": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-01-01-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of the security contact object"
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/securityContacts"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "type"
+ ],
+ "description": "Microsoft.Security/securityContacts"
+ }
+ },
+ "definitions": {
+ "AuthenticationDetailsProperties": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AwsCredsAuthenticationDetailsProperties"
+ },
+ {
+ "$ref": "#/definitions/AwAssumeRoleAuthenticationDetailsProperties"
+ },
+ {
+ "$ref": "#/definitions/GcpCredentialsDetailsProperties"
+ }
+ ],
+ "properties": {},
+ "description": "Settings for cloud authentication management"
+ },
+ "AwAssumeRoleAuthenticationDetailsProperties": {
+ "type": "object",
+ "properties": {
+ "authenticationType": {
+ "type": "string",
+ "enum": [
+ "awsAssumeRole"
+ ]
+ },
+ "awsAssumeRoleArn": {
+ "type": "string",
+ "description": "Assumed role ID is an identifier that you can use to create temporary security credentials."
+ },
+ "awsExternalId": {
+ "type": "string",
+ "description": "A unique identifier that is required when you assume a role in another account."
+ }
+ },
+ "required": [
+ "authenticationType",
+ "awsAssumeRoleArn",
+ "awsExternalId"
+ ],
+ "description": "AWS cloud account connector based assume role, the role enables delegating access to your AWS resources. The role is composed of role Amazon Resource Name (ARN) and external ID. For more details, refer to Creating a Role to Delegate Permissions to an IAM User (write only)"
+ },
+ "AwsCredsAuthenticationDetailsProperties": {
+ "type": "object",
+ "properties": {
+ "authenticationType": {
+ "type": "string",
+ "enum": [
+ "awsCreds"
+ ]
+ },
+ "awsAccessKeyId": {
+ "type": "string",
+ "description": "Public key element of the AWS credential object (write only)"
+ },
+ "awsSecretAccessKey": {
+ "type": "string",
+ "description": "Secret key element of the AWS credential object (write only)"
+ }
+ },
+ "required": [
+ "authenticationType",
+ "awsAccessKeyId",
+ "awsSecretAccessKey"
+ ],
+ "description": "AWS cloud account connector based credentials, the credentials is composed of access key ID and secret key, for more details, refer to Creating an IAM User in Your AWS Account (write only)"
+ },
+ "ConnectorSettingProperties": {
+ "type": "object",
+ "properties": {
+ "authenticationDetails": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AuthenticationDetailsProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Settings for cloud authentication management"
+ },
+ "hybridComputeSettings": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/HybridComputeSettingsProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Settings for hybrid compute management"
+ }
+ },
+ "description": "Describes properties of a connector setting"
+ },
+ "GcpCredentialsDetailsProperties": {
+ "type": "object",
+ "properties": {
+ "authenticationType": {
+ "type": "string",
+ "enum": [
+ "gcpCredentials"
+ ]
+ },
+ "authProviderX509CertUrl": {
+ "type": "string",
+ "description": "Auth provider x509 certificate URL field of the API key (write only)"
+ },
+ "authUri": {
+ "type": "string",
+ "description": "Auth URI field of the API key (write only)"
+ },
+ "clientEmail": {
+ "type": "string",
+ "description": "Client email field of the API key (write only)"
+ },
+ "clientId": {
+ "type": "string",
+ "description": "Client ID field of the API key (write only)"
+ },
+ "clientX509CertUrl": {
+ "type": "string",
+ "description": "Client x509 certificate URL field of the API key (write only)"
+ },
+ "organizationId": {
+ "type": "string",
+ "description": "The organization ID of the GCP cloud account"
+ },
+ "privateKey": {
+ "type": "string",
+ "description": "Private key field of the API key (write only)"
+ },
+ "privateKeyId": {
+ "type": "string",
+ "description": "Private key ID field of the API key (write only)"
+ },
+ "projectId": {
+ "type": "string",
+ "description": "Project ID field of the API key (write only)"
+ },
+ "tokenUri": {
+ "type": "string",
+ "description": "Token URI field of the API key (write only)"
+ },
+ "type": {
+ "type": "string",
+ "description": "Type field of the API key (write only)"
+ }
+ },
+ "required": [
+ "authenticationType",
+ "authProviderX509CertUrl",
+ "authUri",
+ "clientEmail",
+ "clientId",
+ "clientX509CertUrl",
+ "organizationId",
+ "privateKey",
+ "privateKeyId",
+ "projectId",
+ "tokenUri",
+ "type"
+ ],
+ "description": "GCP cloud account connector based service to service credentials, the credentials are composed of the organization ID and a JSON API key (write only)"
+ },
+ "HybridComputeSettingsProperties": {
+ "type": "object",
+ "properties": {
+ "autoProvision": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "On",
+ "Off"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Whether or not to automatically install Azure Arc (hybrid compute) agents on machines."
+ },
+ "proxyServer": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ProxyServerProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use."
+ },
+ "region": {
+ "type": "string",
+ "description": "The location where the metadata of machines will be stored"
+ },
+ "resourceGroupName": {
+ "type": "string",
+ "description": "The name of the resource group where Arc (Hybrid Compute) connectors are connected."
+ },
+ "servicePrincipal": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ServicePrincipalProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Details of the service principal."
+ }
+ },
+ "required": [
+ "autoProvision"
+ ],
+ "description": "Settings for hybrid compute management"
+ },
+ "ProxyServerProperties": {
+ "type": "object",
+ "properties": {
+ "ip": {
+ "type": "string",
+ "description": "Proxy server IP"
+ },
+ "port": {
+ "type": "string",
+ "description": "Proxy server port"
+ }
+ },
+ "description": "For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use."
+ },
+ "ServicePrincipalProperties": {
+ "type": "object",
+ "properties": {
+ "applicationId": {
+ "type": "string",
+ "description": "Application ID of service principal."
+ },
+ "secret": {
+ "type": "string",
+ "description": "A secret string that the application uses to prove its identity, also can be referred to as application password (write only)."
+ }
+ },
+ "description": "Details of the service principal."
+ }
+ }
+}
diff --git a/schemas/2020-01-01/Microsoft.Security.json b/schemas/2020-01-01/Microsoft.Security.json
new file mode 100644
index 0000000000..6e08cf7f32
--- /dev/null
+++ b/schemas/2020-01-01/Microsoft.Security.json
@@ -0,0 +1,1239 @@
+{
+ "id": "https://schema.management.azure.com/schemas/2020-01-01/Microsoft.Security.json#",
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "title": "Microsoft.Security",
+ "description": "Microsoft Security Resource Types",
+ "resourceDefinitions": {
+ "locations_jitNetworkAccessPolicies": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-01-01"
+ ]
+ },
+ "kind": {
+ "type": "string",
+ "description": "Kind of the resource"
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of a Just-in-Time access configuration policy."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/JitNetworkAccessPolicyProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/locations/jitNetworkAccessPolicies"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/locations/jitNetworkAccessPolicies"
+ }
+ },
+ "subscription_resourceDefinitions": {
+ "assessmentMetadata": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-01-01"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "The Assessment Key - Unique key for the assessment type"
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Describes properties of an assessment metadata."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/assessmentMetadata"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/assessmentMetadata"
+ },
+ "locations_applicationWhitelistings": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-01-01"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of an application control machine group"
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AdaptiveApplicationControlGroupData"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Represents a machines group and set of rules to be allowed running on a machine"
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/locations/applicationWhitelistings"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/locations/applicationWhitelistings"
+ }
+ },
+ "extension_resourceDefinitions": {
+ "serverVulnerabilityAssessments": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-01-01"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "enum": [
+ "default"
+ ],
+ "description": "ServerVulnerabilityAssessment status. only a 'default' value is supported."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/serverVulnerabilityAssessments"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "type"
+ ],
+ "description": "Microsoft.Security/serverVulnerabilityAssessments"
+ }
+ },
+ "unknown_resourceDefinitions": {
+ "assessments": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-01-01"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "The Assessment Key - Unique key for the assessment type"
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Describes properties of an assessment."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/assessments"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/assessments"
+ }
+ },
+ "definitions": {
+ "AdaptiveApplicationControlGroupData": {
+ "type": "object",
+ "properties": {
+ "enforcementMode": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Audit",
+ "Enforce",
+ "None"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "pathRecommendations": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/PathRecommendation"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "protectionMode": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ProtectionMode"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux."
+ },
+ "vmRecommendations": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/VmRecommendation"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "description": "Represents a machines group and set of rules to be allowed running on a machine"
+ },
+ "AssessmentLinks": {
+ "type": "object",
+ "properties": {},
+ "description": "Links relevant to the assessment"
+ },
+ "AssessmentStatus": {
+ "type": "object",
+ "properties": {
+ "cause": {
+ "type": "string",
+ "description": "Programmatic code for the cause of the assessment status"
+ },
+ "code": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Healthy",
+ "Unhealthy",
+ "NotApplicable"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Programmatic code for the status of the assessment."
+ },
+ "description": {
+ "type": "string",
+ "description": "Human readable description of the assessment status"
+ }
+ },
+ "required": [
+ "code"
+ ],
+ "description": "The result of the assessment"
+ },
+ "AzureResourceDetails": {
+ "type": "object",
+ "properties": {
+ "source": {
+ "type": "string",
+ "enum": [
+ "Azure"
+ ]
+ }
+ },
+ "required": [
+ "source"
+ ],
+ "description": "Details of the Azure resource that was assessed"
+ },
+ "JitNetworkAccessPolicyProperties": {
+ "type": "object",
+ "properties": {
+ "requests": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/JitNetworkAccessRequest"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "virtualMachines": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/JitNetworkAccessPolicyVirtualMachine"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Configurations for Microsoft.Compute/virtualMachines resource type."
+ }
+ },
+ "required": [
+ "virtualMachines"
+ ]
+ },
+ "JitNetworkAccessPolicyVirtualMachine": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Resource ID of the virtual machine that is linked to this policy"
+ },
+ "ports": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/JitNetworkAccessPortRule"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Port configurations for the virtual machine"
+ },
+ "publicIpAddress": {
+ "type": "string",
+ "description": "Public IP address of the Azure Firewall that is linked to this policy, if applicable"
+ }
+ },
+ "required": [
+ "id",
+ "ports"
+ ]
+ },
+ "JitNetworkAccessPortRule": {
+ "type": "object",
+ "properties": {
+ "allowedSourceAddressPrefix": {
+ "type": "string",
+ "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
+ },
+ "allowedSourceAddressPrefixes": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter."
+ },
+ "maxRequestAccessDuration": {
+ "type": "string",
+ "description": "Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day"
+ },
+ "number": {
+ "oneOf": [
+ {
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 65535
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "protocol": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "TCP",
+ "UDP",
+ "*"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "required": [
+ "maxRequestAccessDuration",
+ "number",
+ "protocol"
+ ]
+ },
+ "JitNetworkAccessRequest": {
+ "type": "object",
+ "properties": {
+ "justification": {
+ "type": "string",
+ "description": "The justification for making the initiate request"
+ },
+ "requestor": {
+ "type": "string",
+ "description": "The identity of the person who made the request"
+ },
+ "startTimeUtc": {
+ "type": "string",
+ "format": "date-time",
+ "description": "The start time of the request in UTC"
+ },
+ "virtualMachines": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/JitNetworkAccessRequestVirtualMachine"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "required": [
+ "requestor",
+ "startTimeUtc",
+ "virtualMachines"
+ ]
+ },
+ "JitNetworkAccessRequestPort": {
+ "type": "object",
+ "properties": {
+ "allowedSourceAddressPrefix": {
+ "type": "string",
+ "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
+ },
+ "allowedSourceAddressPrefixes": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter."
+ },
+ "endTimeUtc": {
+ "type": "string",
+ "format": "date-time",
+ "description": "The date & time at which the request ends in UTC"
+ },
+ "mappedPort": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The port which is mapped to this port's `number` in the Azure Firewall, if applicable"
+ },
+ "number": {
+ "oneOf": [
+ {
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 65535
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "status": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Revoked",
+ "Initiated"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The status of the port."
+ },
+ "statusReason": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Expired",
+ "UserRequested",
+ "NewerRequestInitiated"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A description of why the `status` has its value."
+ }
+ },
+ "required": [
+ "endTimeUtc",
+ "number",
+ "status",
+ "statusReason"
+ ]
+ },
+ "JitNetworkAccessRequestVirtualMachine": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Resource ID of the virtual machine that is linked to this policy"
+ },
+ "ports": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/JitNetworkAccessRequestPort"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The ports that were opened for the virtual machine"
+ }
+ },
+ "required": [
+ "id",
+ "ports"
+ ]
+ },
+ "OnPremiseResourceDetails": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/OnPremiseSqlResourceDetails"
+ }
+ ],
+ "properties": {
+ "machineName": {
+ "type": "string",
+ "description": "The name of the machine"
+ },
+ "source": {
+ "type": "string",
+ "enum": [
+ "OnPremise"
+ ]
+ },
+ "sourceComputerId": {
+ "type": "string",
+ "description": "The oms agent Id installed on the machine"
+ },
+ "vmuuid": {
+ "type": "string",
+ "description": "The unique Id of the machine"
+ },
+ "workspaceId": {
+ "type": "string",
+ "description": "Azure resource Id of the workspace the machine is attached to"
+ }
+ },
+ "required": [
+ "machineName",
+ "source",
+ "sourceComputerId",
+ "vmuuid",
+ "workspaceId"
+ ],
+ "description": "Details of the On Premise resource that was assessed"
+ },
+ "OnPremiseSqlResourceDetails": {
+ "type": "object",
+ "properties": {
+ "databaseName": {
+ "type": "string",
+ "description": "The Sql database name installed on the machine"
+ },
+ "serverName": {
+ "type": "string",
+ "description": "The Sql server name installed on the machine"
+ },
+ "source": {
+ "type": "string",
+ "enum": [
+ "OnPremiseSql"
+ ]
+ }
+ },
+ "required": [
+ "databaseName",
+ "serverName",
+ "source"
+ ],
+ "description": "Details of the On Premise Sql resource that was assessed"
+ },
+ "PathRecommendation": {
+ "type": "object",
+ "properties": {
+ "action": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Recommended",
+ "Add",
+ "Remove"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "common": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Whether the application is commonly run on the machine"
+ },
+ "configurationStatus": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Configured",
+ "NotConfigured",
+ "InProgress",
+ "Failed",
+ "NoStatus"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "fileType": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Exe",
+ "Dll",
+ "Msi",
+ "Script",
+ "Executable",
+ "Unknown"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "path": {
+ "type": "string",
+ "description": "The full path of the file, or an identifier of the application"
+ },
+ "publisherInfo": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/PublisherInfo"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Represents the publisher information of a process/rule"
+ },
+ "type": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "File",
+ "FileHash",
+ "PublisherSignature",
+ "ProductSignature",
+ "BinarySignature",
+ "VersionAndAboveSignature"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "usernames": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/UserRecommendation"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "userSids": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "description": "Represents a path that is recommended to be allowed and its properties"
+ },
+ "ProtectionMode": {
+ "type": "object",
+ "properties": {
+ "exe": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Audit",
+ "Enforce",
+ "None"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "executable": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Audit",
+ "Enforce",
+ "None"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "msi": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Audit",
+ "Enforce",
+ "None"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "script": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Audit",
+ "Enforce",
+ "None"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux."
+ },
+ "PublisherInfo": {
+ "type": "object",
+ "properties": {
+ "binaryName": {
+ "type": "string",
+ "description": "The \"OriginalName\" field taken from the file's version resource"
+ },
+ "productName": {
+ "type": "string",
+ "description": "The product name taken from the file's version resource"
+ },
+ "publisherName": {
+ "type": "string",
+ "description": "The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country"
+ },
+ "version": {
+ "type": "string",
+ "description": "The binary file version taken from the file's version resource"
+ }
+ },
+ "description": "Represents the publisher information of a process/rule"
+ },
+ "ResourceDetails": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AzureResourceDetails"
+ },
+ {
+ "$ref": "#/definitions/OnPremiseResourceDetails"
+ }
+ ],
+ "properties": {},
+ "description": "Details of the resource that was assessed"
+ },
+ "SecurityAssessmentMetadataPartnerData": {
+ "type": "object",
+ "properties": {
+ "partnerName": {
+ "type": "string",
+ "description": "Name of the company of the partner"
+ },
+ "productName": {
+ "type": "string",
+ "description": "Name of the product of the partner that created the assessment"
+ },
+ "secret": {
+ "type": "string",
+ "description": "Secret to authenticate the partner and verify it created the assessment - write only"
+ }
+ },
+ "required": [
+ "partnerName",
+ "secret"
+ ],
+ "description": "Describes the partner that created the assessment"
+ },
+ "SecurityAssessmentMetadataProperties": {
+ "type": "object",
+ "properties": {
+ "assessmentType": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "BuiltIn",
+ "CustomPolicy",
+ "CustomerManaged",
+ "VerifiedPartner"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition."
+ },
+ "category": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "enum": [
+ "Compute",
+ "Networking",
+ "Data",
+ "IdentityAndAccess",
+ "IoT"
+ ]
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "description": {
+ "type": "string",
+ "description": "Human readable description of the assessment"
+ },
+ "displayName": {
+ "type": "string",
+ "description": "User friendly display name of the assessment"
+ },
+ "implementationEffort": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Low",
+ "Moderate",
+ "High"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The implementation effort required to remediate this assessment."
+ },
+ "partnerData": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentMetadataPartnerData"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Describes the partner that created the assessment"
+ },
+ "preview": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "True if this assessment is in preview release status"
+ },
+ "remediationDescription": {
+ "type": "string",
+ "description": "Human readable description of what you should do to mitigate this security issue"
+ },
+ "severity": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Low",
+ "Medium",
+ "High"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The severity level of the assessment."
+ },
+ "threats": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "enum": [
+ "accountBreach",
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider",
+ "elevationOfPrivilege",
+ "threatResistance",
+ "missingCoverage",
+ "denialOfService"
+ ]
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "userImpact": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Low",
+ "Moderate",
+ "High"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The user impact of the assessment."
+ }
+ },
+ "required": [
+ "assessmentType",
+ "displayName",
+ "severity"
+ ],
+ "description": "Describes properties of an assessment metadata."
+ },
+ "SecurityAssessmentPartnerData": {
+ "type": "object",
+ "properties": {
+ "partnerName": {
+ "type": "string",
+ "description": "Name of the company of the partner"
+ },
+ "secret": {
+ "type": "string",
+ "description": "secret to authenticate the partner - write only"
+ }
+ },
+ "required": [
+ "partnerName",
+ "secret"
+ ],
+ "description": "Data regarding 3rd party partner integration"
+ },
+ "SecurityAssessmentProperties": {
+ "type": "object",
+ "properties": {
+ "additionalData": {
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ },
+ "properties": {}
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Additional data regarding the assessment"
+ },
+ "links": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AssessmentLinks"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Links relevant to the assessment"
+ },
+ "metadata": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Describes properties of an assessment metadata."
+ },
+ "partnersData": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentPartnerData"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Data regarding 3rd party partner integration"
+ },
+ "resourceDetails": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ResourceDetails"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Details of the resource that was assessed"
+ },
+ "status": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AssessmentStatus"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The result of the assessment"
+ }
+ },
+ "required": [
+ "resourceDetails",
+ "status"
+ ],
+ "description": "Describes properties of an assessment."
+ },
+ "UserRecommendation": {
+ "type": "object",
+ "properties": {
+ "recommendationAction": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Recommended",
+ "Add",
+ "Remove"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "username": {
+ "type": "string",
+ "description": "Represents a user that is recommended to be allowed for a certain rule"
+ }
+ },
+ "description": "Represents a user that is recommended to be allowed for a certain rule"
+ },
+ "VmRecommendation": {
+ "type": "object",
+ "properties": {
+ "configurationStatus": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Configured",
+ "NotConfigured",
+ "InProgress",
+ "Failed",
+ "NoStatus"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "enforcementSupport": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Supported",
+ "NotSupported",
+ "Unknown"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "recommendationAction": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Recommended",
+ "Add",
+ "Remove"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "resourceId": {
+ "type": "string",
+ "description": "The full resource id of the machine"
+ }
+ },
+ "description": "Represents a machine that is part of a machine group"
+ }
+ }
+}
diff --git a/schemas/2020-08-06-preview/Microsoft.Security.json b/schemas/2020-08-06-preview/Microsoft.Security.json
new file mode 100644
index 0000000000..ff470abe1e
--- /dev/null
+++ b/schemas/2020-08-06-preview/Microsoft.Security.json
@@ -0,0 +1,150 @@
+{
+ "id": "https://schema.management.azure.com/schemas/2020-08-06-preview/Microsoft.Security.json#",
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "title": "Microsoft.Security",
+ "description": "Microsoft Security Resource Types",
+ "resourceDefinitions": {},
+ "subscription_resourceDefinitions": {
+ "iotDefenderSettings": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-08-06-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "enum": [
+ "default"
+ ]
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/IotDefenderSettingsProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "IoT Defender settings properties"
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/iotDefenderSettings"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/iotDefenderSettings"
+ }
+ },
+ "unknown_resourceDefinitions": {
+ "iotSensors": {
+ "type": "object",
+ "properties": {
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-08-06-preview"
+ ]
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of the IoT sensor"
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/IotSensorProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "IoT sensor properties"
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Security/iotSensors"
+ ]
+ }
+ },
+ "required": [
+ "apiVersion",
+ "name",
+ "properties",
+ "type"
+ ],
+ "description": "Microsoft.Security/iotSensors"
+ }
+ },
+ "definitions": {
+ "IotDefenderSettingsProperties": {
+ "type": "object",
+ "properties": {
+ "deviceQuota": {
+ "oneOf": [
+ {
+ "type": "integer",
+ "minimum": 1000
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Size of the device quota (as a opposed to a Pay as You Go billing model). Value is required to be in multiples of 1000."
+ },
+ "sentinelWorkspaceResourceIds": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Sentinel Workspace Resource Ids"
+ }
+ },
+ "required": [
+ "deviceQuota",
+ "sentinelWorkspaceResourceIds"
+ ],
+ "description": "IoT Defender settings properties"
+ },
+ "IotSensorProperties": {
+ "type": "object",
+ "properties": {
+ "tiAutomaticUpdates": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "TI Automatic mode status of the IoT sensor"
+ },
+ "zone": {
+ "type": "string",
+ "description": "Zone of the IoT sensor"
+ }
+ },
+ "description": "IoT sensor properties"
+ }
+ }
+}
diff --git a/schemas/2020-09-18/Microsoft.Kusto.json b/schemas/2020-09-18/Microsoft.Kusto.json
new file mode 100644
index 0000000000..2388d58713
--- /dev/null
+++ b/schemas/2020-09-18/Microsoft.Kusto.json
@@ -0,0 +1,1210 @@
+{
+ "id": "https://schema.management.azure.com/schemas/2020-09-18/Microsoft.Kusto.json#",
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "title": "Microsoft.Kusto",
+ "description": "Microsoft Kusto Resource Types",
+ "resourceDefinitions": {
+ "clusters": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the Kusto cluster."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Kusto/clusters"
+ ]
+ },
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-09-18"
+ ]
+ },
+ "tags": {
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Resource tags."
+ },
+ "location": {
+ "type": "string",
+ "description": "The geo-location where the resource lives"
+ },
+ "sku": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AzureSku"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The SKU of the Kusto cluster."
+ },
+ "zones": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "An array represents the availability zones of the cluster."
+ },
+ "identity": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/Identity"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Identity for the resource."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ClusterProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ },
+ "resources": {
+ "type": "array",
+ "items": {
+ "oneOf": [
+ {
+ "$ref": "#/resourceDefinitions/clusters_databases"
+ },
+ {
+ "$ref": "#/resourceDefinitions/clusters_attacheddatabaseconfigurations"
+ },
+ {
+ "$ref": "#/resourceDefinitions/clusters_principalassignments"
+ }
+ ]
+ }
+ }
+ },
+ "required": [
+ "name",
+ "type",
+ "apiVersion",
+ "location",
+ "sku"
+ ],
+ "description": "Microsoft.Kusto/clusters"
+ },
+ "clusters_databases": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ReadWriteDatabase"
+ }
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the database in the Kusto cluster."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Kusto/clusters/databases"
+ ]
+ },
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-09-18"
+ ]
+ },
+ "location": {
+ "type": "string",
+ "description": "Resource location."
+ },
+ "resources": {
+ "type": "array",
+ "items": {
+ "oneOf": [
+ {
+ "$ref": "#/resourceDefinitions/clusters_databases_dataconnections"
+ },
+ {
+ "$ref": "#/resourceDefinitions/clusters_databases_principalassignments"
+ }
+ ]
+ }
+ }
+ },
+ "required": [
+ "name",
+ "type",
+ "apiVersion",
+ "properties"
+ ],
+ "description": "Microsoft.Kusto/clusters/databases"
+ },
+ "clusters_dataconnections": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The data connection name"
+ },
+ "type": {
+ "enum": [
+ "Microsoft.Kusto/clusters/dataConnections"
+ ]
+ },
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-09-18"
+ ]
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/GenevaDataConnection"
+ },
+ {
+ "$ref": "#/definitions/GenevaLegacyDataConnection"
+ }
+ ],
+ "description": "Properties supplied to the data connection create or update Kusto operation."
+ }
+ },
+ "required": [
+ "name",
+ "type",
+ "apiVersion",
+ "properties"
+ ],
+ "description": "Microsoft.Kusto/clusters/dataConnections"
+ },
+ "clusters_databases_dataconnections": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The data connection name"
+ },
+ "type": {
+ "enum": [
+ "Microsoft.Kusto/clusters/databases/dataConnections"
+ ]
+ },
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-09-18"
+ ]
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/EventHubDataConnection"
+ },
+ {
+ "$ref": "#/definitions/EventGridDataConnection"
+ },
+ {
+ "$ref": "#/definitions/IotHubDataConnection"
+ }
+ ],
+ "description": "Properties supplied to the Data Connection Create Or Update Kusto operation."
+ }
+ },
+ "required": [
+ "name",
+ "type",
+ "apiVersion",
+ "properties"
+ ],
+ "description": "Microsoft.Kusto/clusters/databases/dataConnections"
+ },
+ "clusters_attacheddatabaseconfigurations": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the attached database configurations."
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Kusto/clusters/AttachedDatabaseConfigurations"
+ ]
+ },
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-09-18"
+ ]
+ },
+ "location": {
+ "type": "string",
+ "description": "Resource location."
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/AttachedDatabaseConfigurationsProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "required": [
+ "name",
+ "type",
+ "apiVersion",
+ "properties"
+ ],
+ "description": "Class representing an attached database configurations."
+ },
+ "clusters_principalassignments": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the cluster principal assignment"
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Kusto/clusters/principalAssignments"
+ ]
+ },
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-09-18"
+ ]
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ClusterPrincipalProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "required": [
+ "name",
+ "type",
+ "apiVersion",
+ "properties"
+ ],
+ "description": "Class representing a cluster principal assignment."
+ },
+ "clusters_databases_principalassignments": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the database principal assignment"
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "Microsoft.Kusto/clusters/databases/principalAssignments"
+ ]
+ },
+ "apiVersion": {
+ "type": "string",
+ "enum": [
+ "2020-09-18"
+ ]
+ },
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/DatabasePrincipalProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ]
+ }
+ },
+ "required": [
+ "name",
+ "type",
+ "apiVersion",
+ "properties"
+ ],
+ "description": "Class representing a database principal assignment."
+ }
+ },
+ "definitions": {
+ "AzureSku": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Standard_DS13_v2+1TB_PS",
+ "Standard_DS13_v2+2TB_PS",
+ "Standard_DS14_v2+3TB_PS",
+ "Standard_DS14_v2+4TB_PS",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_L8s",
+ "Standard_L16s",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_L4s",
+ "Dev(No SLA)_Standard_D11_v2",
+ "Standard_E64i_v3",
+ "Standard_E2a_v4",
+ "Standard_E4a_v4",
+ "Standard_E8a_v4",
+ "Standard_E16a_v4",
+ "Standard_E8as_v4+1TB_PS",
+ "Standard_E8as_v4+2TB_PS",
+ "Standard_E16as_v4+3TB_PS",
+ "Standard_E16as_v4+4TB_PS",
+ "Dev(No SLA)_Standard_E2a_v4"
+ ],
+ "x-ms-enum": {
+ "name": "AzureSkuName",
+ "modelAsString": true
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "SKU name. Possible values include: 'Standard_DS13_v2+1TB_PS', 'Standard_DS13_v2+2TB_PS', 'Standard_DS14_v2+3TB_PS', 'Standard_DS14_v2+4TB_PS', 'Standard_D13_v2', 'Standard_D14_v2', 'Standard_L8s', 'Standard_L16s', 'Standard_D11_v2', 'Standard_D12_v2', 'Standard_L4s', 'Dev(No SLA)_Standard_D11_v2', 'Standard_E2a_v4', 'Standard_E4a_v4', 'Standard_E8a_v4', 'Standard_E16a_v4', 'Standard_E8as_v4+1TB_PS', 'Standard_E8as_v4+2TB_PS', 'Standard_E16as_v4+3TB_PS', 'Standard_E16as_v4+4TB_PS', 'Dev(No SLA)_Standard_E2a_v4'"
+ },
+ "capacity": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The number of instances of the cluster."
+ },
+ "tier": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "Standard",
+ "Basic"
+ ],
+ "x-ms-enum": {
+ "name": "AzureSkuTier",
+ "modelAsString": true
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "SKU tier."
+ }
+ },
+ "required": [
+ "name",
+ "tier"
+ ],
+ "description": "Azure SKU definition."
+ },
+ "ClusterProperties": {
+ "type": "object",
+ "properties": {
+ "trustedExternalTenants": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/TrustedExternalTenant"
+ }
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The cluster's external tenants."
+ },
+ "optimizedAutoscale": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/OptimizedAutoscale"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A class that contains the optimized auto scale definition."
+ },
+ "enableDiskEncryption": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A boolean value that indicates if the cluster's disks are encrypted."
+ },
+ "enableStreamingIngest": {
+ "oneOf": [
+ {
+ "type": "boolean",
+ "default": false
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A boolean value that indicates if the streaming ingest is enabled."
+ },
+ "virtualNetworkConfiguration": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/VirtualNetworkConfiguration"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A class that contains virtual network definition."
+ },
+ "keyVaultProperties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/KeyVaultProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "KeyVault properties for the cluster encryption."
+ },
+ "enablePurge": {
+ "oneOf": [
+ {
+ "type": "boolean",
+ "default": false
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A boolean value that indicates if the purge operations are enabled."
+ },
+ "enableDoubleEncryption": {
+ "oneOf": [
+ {
+ "type": "boolean",
+ "default": false
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Indicates whether or not Double-Encryption is enabled on storage account."
+ },
+ "engineType": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A string value that indicates the Azure Data Explorer engine type."
+ }
+ }
+ },
+ "ReadWriteDatabaseProperties": {
+ "type": "object",
+ "properties": {
+ "softDeletePeriod": {
+ "type": "string",
+ "format": "duration",
+ "description": "The time the data should be kept before it stops being accessible to queries in TimeSpan."
+ },
+ "hotCachePeriod": {
+ "type": "string",
+ "format": "duration",
+ "description": "The time the data should be kept in cache for fast queries in TimeSpan."
+ }
+ }
+ },
+ "ReadWriteDatabase": {
+ "type": "object",
+ "properties": {
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/ReadWriteDatabaseProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Read write database properties"
+ },
+ "kind": {
+ "type": "string",
+ "enum": [
+ "ReadWrite"
+ ],
+ "description": "Kind of the database"
+ }
+ },
+ "required": [
+ "kind",
+ "properties"
+ ],
+ "description": "Information about the readWrite database"
+ },
+ "AttachedDatabaseConfigurationsProperties": {
+ "type": "object",
+ "properties": {
+ "databaseName": {
+ "type": "string",
+ "description": "The name of the database which you would like to attach, use * if you want to follow all current and future databases."
+ },
+ "clusterResourceId": {
+ "type": "string",
+ "description": "The resource id of the cluster where the databases you would like to attach reside."
+ },
+ "defaultPrincipalsModificationKind": {
+ "type": "string",
+ "enum": [
+ "Union",
+ "Replace",
+ "None"
+ ],
+ "description": "The default principals modification kind"
+ }
+ }
+ },
+ "EventGridDataConnectionProperties": {
+ "type": "object",
+ "properties": {
+ "storageAccountResourceId": {
+ "type": "string",
+ "description": "The resource ID of the storage account where the data resides."
+ },
+ "eventHubResourceId": {
+ "type": "string",
+ "description": "The resource ID where the event grid is configured to send events."
+ },
+ "consumerGroup": {
+ "type": "string",
+ "description": "The event hub consumer group."
+ },
+ "tableName": {
+ "type": "string",
+ "description": "The table where the data should be ingested. Optionally the table information can be added to each message."
+ },
+ "mappingRuleName": {
+ "type": "string",
+ "description": "The mapping rule to be used to ingest the data. Optionally the mapping information can be added to each message."
+ },
+ "dataFormat": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/DataFormat"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The data format of the message. Optionally the data format can be added to each message."
+ },
+ "ignoreFirstRecord": {
+ "type": "boolean",
+ "description": "A Boolean value that, if set to true, indicates that ingestion should ignore the first record of every file."
+ },
+ "blobStorageEventType": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/BlobStorageEventType"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The name of blob storage event type to process."
+ }
+ },
+ "required": [
+ "storageAccountResourceId",
+ "eventHubResourceId",
+ "consumerGroup"
+ ],
+ "description": "Class representing the Kusto event grid connection properties."
+ },
+ "DatabasePrincipalProperties": {
+ "type": "object",
+ "properties": {
+ "principalId": {
+ "description": "The principal ID assigned to the database principal. It can be a user email, application ID, or security group name.",
+ "type": "string"
+ },
+ "role": {
+ "description": "Database principal role.",
+ "type": "string",
+ "enum": [
+ "Admin",
+ "Ingestor",
+ "Monitor",
+ "User",
+ "UnrestrictedViewers",
+ "Viewer"
+ ]
+ },
+ "tenantId": {
+ "type": "string",
+ "description": "The tenant id of the principal"
+ },
+ "principalType": {
+ "description": "Principal type.",
+ "type": "string",
+ "enum": [
+ "App",
+ "Group",
+ "User"
+ ]
+ }
+ },
+ "required": [
+ "principalId",
+ "role",
+ "principalType"
+ ],
+ "description": "A class representing database principal property."
+ },
+ "ClusterPrincipalProperties": {
+ "type": "object",
+ "properties": {
+ "principalId": {
+ "description": "The principal ID assigned to the cluster principal. It can be a user email, application ID, or security group name.",
+ "type": "string"
+ },
+ "role": {
+ "description": "Cluster principal role.",
+ "type": "string",
+ "enum": [
+ "AllDatabasesAdmin",
+ "AllDatabasesViewer"
+ ]
+ },
+ "tenantId": {
+ "type": "string",
+ "description": "The tenant id of the principal"
+ },
+ "principalType": {
+ "description": "Principal type.",
+ "type": "string",
+ "enum": [
+ "App",
+ "Group",
+ "User"
+ ]
+ }
+ },
+ "required": [
+ "principalId",
+ "role",
+ "principalType"
+ ],
+ "description": "A class representing cluster principal property."
+ },
+ "EventGridDataConnection": {
+ "type": "object",
+ "properties": {
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/EventGridDataConnectionProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Class representing the Kusto event grid connection properties."
+ },
+ "kind": {
+ "type": "string",
+ "enum": [
+ "EventGrid"
+ ]
+ }
+ },
+ "required": [
+ "kind"
+ ],
+ "description": "Class representing an Event Grid data connection."
+ },
+ "EventHubDataConnectionProperties": {
+ "type": "object",
+ "properties": {
+ "eventHubResourceId": {
+ "type": "string",
+ "description": "The resource ID of the event hub to be used to create a data connection."
+ },
+ "consumerGroup": {
+ "type": "string",
+ "description": "The event hub consumer group."
+ },
+ "tableName": {
+ "type": "string",
+ "description": "The table where the data should be ingested. Optionally the table information can be added to each message."
+ },
+ "mappingRuleName": {
+ "type": "string",
+ "description": "The mapping rule to be used to ingest the data. Optionally the mapping information can be added to each message."
+ },
+ "dataFormat": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/DataFormat"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The data format of the message. Optionally the data format can be added to each message."
+ },
+ "eventSystemProperties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/EventSystemProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "System properties of the event hub"
+ }
+ },
+ "required": [
+ "eventHubResourceId",
+ "consumerGroup"
+ ],
+ "description": "Class representing the Kusto event hub connection properties."
+ },
+ "EventHubDataConnection": {
+ "type": "object",
+ "properties": {
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/EventHubDataConnectionProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Event hub data connection properties"
+ },
+ "kind": {
+ "type": "string",
+ "enum": [
+ "EventHub"
+ ]
+ }
+ },
+ "required": [
+ "kind"
+ ],
+ "description": "Information about the event hub data connection"
+ },
+ "Identity": {
+ "type": "object",
+ "properties": {
+ "type": {
+ "oneOf": [
+ {
+ "type": "string",
+ "enum": [
+ "None",
+ "SystemAssigned",
+ "UserAssigned",
+ "SystemAssigned, UserAssigned"
+ ]
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The type of managed identity used. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user-assigned identities. The type 'None' will remove all identities."
+ }
+ },
+ "required": [
+ "type"
+ ],
+ "description": "Identity for the resource."
+ },
+ "IotHubDataConnectionProperties": {
+ "type": "object",
+ "properties": {
+ "iotHubResourceId": {
+ "type": "string",
+ "description": "The resource ID of the iot hub to be used to create a data connection."
+ },
+ "consumerGroup": {
+ "type": "string",
+ "description": "The iot hub consumer group."
+ },
+ "tableName": {
+ "type": "string",
+ "description": "The table where the data should be ingested. Optionally the table information can be added to each message."
+ },
+ "mappingRuleName": {
+ "type": "string",
+ "description": "The mapping rule to be used to ingest the data. Optionally the mapping information can be added to each message."
+ },
+ "dataFormat": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/DataFormat"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The data format of the message. Optionally the data format can be added to each message."
+ },
+ "eventSystemProperties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/EventSystemProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The iot hub system properties."
+ },
+ "sharedAccessPolicyName": {
+ "type": "string",
+ "description": "The name of the shared access policy."
+ }
+ },
+ "required": [
+ "iotHubResourceId",
+ "consumerGroup",
+ "sharedAccessPolicyName"
+ ],
+ "description": "Class representing the Kusto Iot hub connection properties."
+ },
+ "IotHubDataConnection": {
+ "type": "object",
+ "properties": {
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/IotHubDataConnectionProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Iot hub data connection properties"
+ },
+ "kind": {
+ "type": "string",
+ "enum": [
+ "IotHub"
+ ]
+ }
+ },
+ "required": [
+ "kind"
+ ],
+ "description": "Information about the Iot hub data connection"
+ },
+ "GenevaDataConnectionProperties": {
+ "type": "object",
+ "properties": {
+ "genevaEnvironment": {
+ "type": "string",
+ "description": "The Geneva environment of the geneva data connection."
+ }
+ },
+ "required": [
+ "genevaEnvironment"
+ ],
+ "description": "Class representing the Kusto Geneva (GDS) connection properties."
+ },
+ "GenevaDataConnection": {
+ "type": "object",
+ "properties": {
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/GenevaDataConnectionProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Geneva (DGS) data connection properties"
+ },
+ "kind": {
+ "type": "string",
+ "enum": [
+ "Geneva"
+ ]
+ }
+ },
+ "required": [
+ "kind"
+ ],
+ "description": "Information about the Geneva (GDS) data connection"
+ },
+ "GenevaLegacyDataConnectionProperties": {
+ "type": "object",
+ "properties": {
+ "genevaEnvironment": {
+ "type": "string",
+ "description": "The Geneva environment of the geneva data connection."
+ },
+ "mdsAccounts": {
+ "type:": "array",
+ "description": "The list of mds accounts of the geneva data connection."
+ },
+ "isScrubbed": {
+ "type:": "boolean",
+ "description": "Indicates whether the data is scrubbed."
+ }
+ },
+ "required": [
+ "genevaEnvironment",
+ "mdsAccounts",
+ "isScrubbed"
+ ],
+ "description": "Class representing the Kusto Geneva legacy connection properties."
+ },
+ "GenevaLegacyDataConnection": {
+ "type": "object",
+ "properties": {
+ "properties": {
+ "oneOf": [
+ {
+ "$ref": "#/definitions/GenevaLegacyDataConnectionProperties"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Geneva legacy data connection properties"
+ },
+ "kind": {
+ "type": "string",
+ "enum": [
+ "GenevaLegacy"
+ ]
+ }
+ },
+ "required": [
+ "kind"
+ ],
+ "description": "Information about the Geneva (GDS) data connection"
+ },
+ "KeyVaultProperties": {
+ "type": "object",
+ "properties": {
+ "keyName": {
+ "type": "string",
+ "description": "The name of the key vault key.",
+ "x-ms-client-name": "KeyName"
+ },
+ "keyVersion": {
+ "type": "string",
+ "description": "The version of the key vault key.",
+ "x-ms-client-name": "KeyVersion"
+ },
+ "keyVaultUri": {
+ "type": "string",
+ "description": "The Uri of the key vault.",
+ "x-ms-client-name": "KeyVaultUri"
+ },
+ "userIdentity": {
+ "type": "string",
+ "description": "The user assigned identity (ARM resource id) that has access to the key.",
+ "x-ms-client-name": "UserIdentity"
+ }
+ },
+ "required": [
+ "keyName",
+ "keyVaultUri"
+ ],
+ "description": "Properties of the key vault."
+ },
+ "OptimizedAutoscale": {
+ "type": "object",
+ "properties": {
+ "version": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "The version of the template defined, for instance 1."
+ },
+ "isEnabled": {
+ "oneOf": [
+ {
+ "type": "boolean"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "A boolean value that indicate if the optimized autoscale feature is enabled or not."
+ },
+ "minimum": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Minimum allowed instances count."
+ },
+ "maximum": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
+ }
+ ],
+ "description": "Maximum allowed instances count."
+ }
+ },
+ "required": [
+ "version",
+ "isEnabled",
+ "minimum",
+ "maximum"
+ ],
+ "description": "A class that contains the optimized auto scale definition."
+ },
+ "TrustedExternalTenant": {
+ "type": "object",
+ "properties": {
+ "value": {
+ "type": "string",
+ "description": "GUID representing an external tenant."
+ }
+ },
+ "description": "Represents a tenant ID that is trusted by the cluster."
+ },
+ "VirtualNetworkConfiguration": {
+ "type": "object",
+ "properties": {
+ "subnetId": {
+ "type": "string",
+ "description": "The subnet resource id."
+ },
+ "enginePublicIpId": {
+ "type": "string",
+ "description": "Engine service's public IP address resource id."
+ },
+ "dataManagementPublicIpId": {
+ "type": "string",
+ "description": "Data management's service public IP address resource id."
+ }
+ },
+ "required": [
+ "subnetId",
+ "enginePublicIpId",
+ "dataManagementPublicIpId"
+ ],
+ "description": "A class that contains virtual network definition."
+ },
+ "DataFormat": {
+ "type": "string",
+ "enum": [
+ "MULTIJSON",
+ "JSON",
+ "CSV",
+ "TSV",
+ "SCSV",
+ "SOHSV",
+ "PSV",
+ "TXT",
+ "RAW",
+ "SINGLEJSON",
+ "AVRO",
+ "TSVE",
+ "PARQUET",
+ "ORC",
+ "APACHEAVRO",
+ "W3CLOGFILE"
+ ],
+ "description": "The data format of the message. Optionally the data format can be added to each message.",
+ "x-ms-enum": {
+ "name": "dataFormat",
+ "modelAsString": true
+ }
+ },
+ "EventSystemProperties": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "description": "The resource system properties."
+ },
+ "BlobStorageEventType": {
+ "description": "The name of blob storage event type to process.",
+ "type": "string",
+ "enum": [
+ "Microsoft.Storage.BlobCreated",
+ "Microsoft.Storage.BlobRenamed"
+ ],
+ "x-ms-enum": {
+ "name": "blobStorageEventType",
+ "modelAsString": true
+ }
+ }
+ }
+}
diff --git a/schemas/common/autogeneratedResources.json b/schemas/common/autogeneratedResources.json
index 73893a3f0d..ace52e0359 100644
--- a/schemas/common/autogeneratedResources.json
+++ b/schemas/common/autogeneratedResources.json
@@ -3937,6 +3937,12 @@
{
"$ref": "https://schema.management.azure.com/schemas/2019-10-01/Microsoft.Migrate.json#/resourceDefinitions/assessmentProjects_vmwarecollectors"
},
+ {
+ "$ref": "https://schema.management.azure.com/schemas/2019-10-01-preview/Microsoft.Migrate.json#/resourceDefinitions/moveCollections"
+ },
+ {
+ "$ref": "https://schema.management.azure.com/schemas/2019-10-01-preview/Microsoft.Migrate.json#/resourceDefinitions/moveCollections_moveResources"
+ },
{
"$ref": "https://schema.management.azure.com/schemas/2017-08-15/Microsoft.NetApp.json#/resourceDefinitions/netAppAccounts"
},